Re: Remote Desktop Web Connection

From: Al Kazan (anonymous_at_discussions.microsoft.com)
Date: 10/06/04

  • Next message: Ken Schaefer: "Re: Permission to ask Active Directory"
    Date: Tue, 5 Oct 2004 15:09:08 -0700
    
    

    Thanks Mike, I thought this was the case but the
    documentation I found was vague. I am using Windows XP
    Pro. As you note risk is reducible but not eliminatable.
    >-----Original Message-----
    >Hi,
    >
    >RDP sessions are by default encrypted. How strong this
    encryption is depends
    >on OS and RDP client (Windows 2003 and latest client
    will by default use 128
    >bit encryption), Windows 2000 will use lower encryption.
    >
    >Note, you will have to open TCP port 3389 to access your
    server using RDP
    >client...
    >
    >What is risk here:
    >* anyone in the world can access logon site of your
    server (unless you
    >restrict this to specific IP, but then you can't logon
    to your server from
    >anywhere in the world)
    >* if you use cybercafé or something similar someone
    could sniff information
    >that you pass from computer in cybercafé to your server
    >* ...
    >
    >I hope this helps,
    >
    >Mike
    >
    >"Al Kazan" <anonymous@discussions.microsoft.com> wrote
    in message
    >news:2c6301c4ab19$864e5870$a501280a@phx.gbl...
    >> If you implement Remote Desktop Web Connection as part
    of
    >> IIS and you set up a web address via a Dynamic Hosting
    >> service you can use it to go through your local router
    to
    >> your computer and sign on your computer from any where
    in
    >> the world. How secure is this? When you reach your
    >> computer you must type in your password. Is this
    >> protected in any way if you choose anonymous access or
    >> can it be easily sniffed for passwords?
    >
    >
    >.
    >


  • Next message: Ken Schaefer: "Re: Permission to ask Active Directory"