Re: Is Remote Desktop Connection Login secure over wireless?

From: Miha Pihler [MVP] (
Date: 07/18/05

Date: Mon, 18 Jul 2005 10:48:14 +0200


If I may add, just double check on Terminal server that the Encryption Level
is set to at least High.

For added security you could also add TLS to prevent e.g.
"man-in-the-middle" attacks...

How to configure a Windows Server 2003 terminal server to use TLS for server

Microsoft MVP - Windows Security
"Steven L Umbach" <> wrote in message 
> Remote Desktop establishes the tunnel before you logon.  You do not have 
> to do anything special. Just make sure you use real strong passwords on 
> your computer as others most likely attempt to logon also when they see 
> port 3389 TCP open on your computer.  I would also enable auditing of 
> logon events in Local Security Policy so that you can keep track of such. 
> If you find an abuser you could try to configure your firewall or ipsec 
> filter to block access from that persons public IP address.   --- Steve
> "Mark Findlay" <> wrote in message 
> news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
>> Thanks Steve,
>> Just to clarify my understanding: the "secure tunnel" you refer to - 
>> that's something that RDC creates automatically on my behalf? In other 
>> words, there are no special configurations or special connection settings 
>> I need to create on my laptop or the target PC? I only ask since I had 
>> seen some references in other postings to private VPN etc., and I don't 
>> have any of that set up. I am just using the default installations of XP 
>> on both laptop and PC.
>> If there are any special configuration steps I need in order to establish 
>> the "secure tunnel", could you elaborate on those?
>> Many thanks!
>> Mark
>> "Steven L Umbach" <> wrote in message 
>> news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
>>> The secure tunnel is created before you enter your credentials and even 
>>> then your password is never sent over the network. However I would never 
>>> enter my credentials on a public  kiosk computer or other computer that 
>>> I do not know is secure/clean. From your description it sounds as if you 
>>> are using your own laptop.  --- Steve
>>> "Mark Findlay" <> wrote in message 
>>> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
>>>> Greetings experts!
>>>> When I am using free public wireless hotspots such as coffee-houses, 
>>>> etc., the security warning indicates that the connection is not secure, 
>>>> and I understand that (essentially :)
>>>> My question is: If I use an un-secured wireless network connection, 
>>>> then attempt to use Windows Remote Desktop Connection to connect to my 
>>>> PC at home, is the username and password I type into the Remote Desktop 
>>>> Connection settings encrypted or otherwise protected? Or am I at risk 
>>>> of hackers intercepting the login credentials I pass to RDC?
>>>> Thanks!