RE: remote desktop question

From: Stacy Olivas (olivas@digiflux.org)
Date: 01/02/03

  • Next message: David M. Fetter: "Re: remote desktop question" 
    From: "Stacy Olivas" <olivas@digiflux.org>
To: <ekluegel@web.de>, <security-basics@securityfocus.com>
Date: Thu, 2 Jan 2003 20:48:45 +0100

    Yes it does, but, like anything else, adding an extra layer of security
    doesn't hurt too much.

    Besides, I'm sure a lot of people on this list may argue as to whether or
    not the encryption used in these
    products is really secure, or if they are just there as "marketing hype".
    (How many exploits/compromises have there
    been as a result of these "services"?)

    The question boils down to: How much security is right for you? And do you
    value your systems/data?

    Here are some interesting links on the issue:
    http://online.securityfocus.com/archive/1/292127
    http://www.secunia.com/advisories/7118/

    and finally:

    http://support.microsoft.com/default.aspx?scid=KB;en-us;324380&

    -----Original Message-----
    From: ekluegel@web.de [mailto:ekluegel@web.de]
    Sent: Thursday, January 02, 2003 7:58 PM
    To: security-basics@securityfocus.com
    Cc: Stacy Olivas; scottslists@barringtonlibrary.org
    Subject: Re: remote desktop question

    Am Donnerstag, 2. Januar 2003 19:33 schrieb Stacy Olivas:
    The rdp 4/5 (Microsoft) and ICA (Citrix) protocol are encryptet by design.

    See an overview about ICA and RDP:

    http://www.microsoft.com/windows2000/server/evaluation/features/rdp.asp

    > Whenever I use Terminal Services (a.k.a Remote Desktop) I establish an ssh
    > session and use the port forwarding feature
    > to tunnel the ts session thru.
    >
    >
    > -----Original Message-----
    > From: scott [mailto:scottslists@barringtonlibrary.org]
    > Sent: Thursday, January 02, 2003 5:38 PM
    > To: security-basics@securityfocus.com
    > Subject: remote desktop question
    >
    >
    > hi,
    >
    > this might be a stupid question but, is there any encryption used with
    > remote desktop. also, if there is not is there any products (free or low
    > cost) that i can use to protect my remote desktop connections, such as
    vpn,
    > and what is the best way to set it up?
    >
    > thanks
    >
    > Scott 

    --
CU Elmar

    Relevant Pages

    • Re: Remote Desktop or equivalent
      ... Encryption is on by default. ... If you are paranoid with security, load SecureRDP on the XP box. ... I have a network of 7 pcs in a non-profit organizational setting ... I was told Remote Desktop ...
      (microsoft.public.windows.terminal_services)
    • Re: Documentation on Security?
      ... about "Documentation on Security?": ... I found some stuff on the Microsoft ... web pages about remote desktop, but nothing on the encryption I was hoping it used. ...
      (microsoft.public.windowsxp.work_remotely)
    • Re: Windows Server 2008 TS Error.
      ... I use any other method to achieve the same.It is security breach and any ... Microsoft MVP - Terminal Services ... How can i prevent users from accessing drives of WIN2K8 server.?? ... members of the Remote Desktop Users group have this ...
      (microsoft.public.windows.terminal_services)
    • Re: The person you called is not able to accept netmeeting call
      ... Only XP SP2 or all of XP? ... security boxes, saving the change and then re-checking the security boxes ... > accept netmeeting calls" from the client. ... > only happens with the RDS (Remote Desktop Sharing) feature. ...
      (microsoft.public.internet.netmeeting)
    • Re: Finding a Hacker
      ... Settings, Security Settings, Local Policies. ... create an account you couldn't see, but if you thought they may have ... Your problem is not restricting remote desktop connections. ... got logged off and a user "userHacker" logged back in. ...
      (microsoft.public.windows.server.active_directory)