Re: Remote Desktop Protocol



Hi Philip:

I did some research on this a while back and made the notes below. Also, I
did find an article about how someone was able to crack an RDP session, but
I can't find the article. But I recall that it was in a lab environment and
was under very specific circumstances. Anyway, here are my notes and some
links. In summary I would say that using the latest version of RDP with the
high encryption setting is safe as far as packet sniffing is concerned. But
as others have mentioned, if you have a key logger on your PC, no network
encryption can help with that.

Even though Terminal Services does by default encrypt the logon session and
data stream, it does not offer server authentication. So theoretically, a
rogue server could masquerade as another server and have users log on to it
and thereby steal the users' logon credentials. Windows Server 2003 Service
Pack 1 (and by default Service Pack 2 since it includes everything in
Service Pack 1) included a new feature that allows Terminal Services
connections to use Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
1.0 for server authentication and also stronger encryption of the logon
session and data stream. This is the same technology that encrypts most
secure Web sites such as those for banking and e-commerce.



To enable SSL/TLS for Terminal Services, a special server security
certificate is required. This certificate can be purchased from any one of
the major security certificate vendors or it can be created by using the
SelfSSL version 1.0 utility from the Microsoft Internet Information Services
(IIS) 6.0 Resource Kit Tools.



In order for client computers to connect to the Terminal Server with SSL
enabled, they need to be running a version of Windows 2000 or Windows XP.
The Remote Desktop Protocol client must be version 5.2 or newer.



http://www.windowsecurity.com/articles/Windows_Terminal_Services.html



http://msdn2.microsoft.com/en-us/library/aa383015.aspx



http://technet2.microsoft.com/WindowsServer/en/library/a92d8eb9-f53d-4e86-ac9b-29fd6146977b1033.mspx?mfr=true



http://www.microsoft.com/technet/security/Bulletin/MS02-051.mspx


--
Regards,
Martin X.
MCSA: M


"Philip" <Philip@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:30E40506-9646-4153-9176-EEE97AE55181@xxxxxxxxxxxxxxxx
Hi, my name is Philip and I am a domain admin.
In my work there's a hostile environment, and I truly believe that some
tools are being used, such as sniffers (Linux) and keyloggers.
Is remote desktop secure enough against these tools, while managing the AD?
If I transfer text from my workstation to the server, is this also encrypted
by RDP?
Can I use administrative tools, on my desktop, without compromising the
information?

Tks in advance

Philip
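
The reply above distinguishes the default RDP encryption, which has no server authentication, from the SSL/TLS layer added in Windows Server 2003 SP1. The following is an added example, not part of the original post, showing how an administrator can tell which layer a Terminal Server selects from its X.224 Connection Confirm. The function names and sample bytes are constructed for illustration, the field values are taken from the public MS-RDPBCGR specification, and the NLA value goes beyond what the post covers.

```python
import socket
import struct

# Field values as defined for RDP negotiation in MS-RDPBCGR.
PROTOCOL_RDP, PROTOCOL_SSL, PROTOCOL_HYBRID = 0, 1, 2
NEG_REQ, NEG_RSP, NEG_FAILURE = 0x01, 0x02, 0x03
LAYER = {PROTOCOL_RDP: "standard-rdp", PROTOCOL_SSL: "tls", PROTOCOL_HYBRID: "tls+nla"}

def build_request(requested=PROTOCOL_SSL):
    """TPKT + X.224 Connection Request carrying an RDP negotiation request."""
    neg = struct.pack("<BBHI", NEG_REQ, 0, 8, requested)
    x224 = struct.pack(">BBHHB", 6 + len(neg), 0xE0, 0, 0, 0) + neg
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

def classify_confirm(data):
    """Name the security layer announced in the server's Connection Confirm."""
    if len(data) < 11 or data[0] != 3 or data[5] & 0xF0 != 0xD0:
        raise ValueError("not a TPKT/X.224 Connection Confirm")
    if struct.unpack(">H", data[2:4])[0] != len(data):
        raise ValueError("TPKT length does not match the data received")
    neg = data[11:]
    if len(neg) < 8:
        # No negotiation block: the server only speaks standard RDP security,
        # i.e. an encrypted session without server authentication.
        return "standard-rdp"
    kind, _flags, _length, value = struct.unpack("<BBHI", neg[:8])
    if kind == NEG_RSP:
        return LAYER.get(value, "unknown-protocol-%d" % value)
    if kind == NEG_FAILURE:
        return "negotiation-failed(code=%d)" % value
    raise ValueError("unexpected negotiation type 0x%02x" % kind)

def probe(host, port=3389, timeout=5.0):
    """Ask a server you administer which layer it selects when offered TLS."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_request(PROTOCOL_SSL))
        return classify_confirm(s.recv(1024))

# Constructed sample replies (not captured from a real server).
SAMPLE_TLS = bytes.fromhex("030000130ed00000123400" "0200080001000000")
SAMPLE_LEGACY = bytes.fromhex("0300000b06d00000123400")
SAMPLE_FAILED = bytes.fromhex("030000130ed00000123400" "0300080002000000")

if __name__ == "__main__":
    for name, raw in (("tls", SAMPLE_TLS), ("legacy", SAMPLE_LEGACY), ("failed", SAMPLE_FAILED)):
        print(name, "->", classify_confirm(raw))
```

A "tls" result only provides server authentication if the client also validates the certificate the server presents.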





