Microsoft’s RDP protocol is used extensively throughout the world in many organisations as well as SOHO and home users. However, some people say things like it’s fine from a security stand-point as it’s encrypted – and well yes…. it is encrypted… BUT:
- Server authentication – RDP does not provide authentication to a terminal server
- Hacking tools such as TS Grinder/TSCrack can be used
To try and mitigate this weakness you can use TLS/SSL over RDP which will also increase the encryption level, in addition Microsoft now support FIPS compliant levels with Windows Server 2003 SP1/SP2, Windows XP SP2, Windows Vista and when released Windows Server Longhorn. You can also configure client computers with the trusted certificate to be the only devices allowed to connect.
Listed below are links for further research and step-by-step procedures, so you can start to implement this today!
- Microsoft KB 895433 – How to configure a Windows Server 2003 terminal server to use TLS for server authentication
- Microsoft Technet article – Configuring authentication and encryption
- Windowsecurity.com – How to secure remote desktop connections using TLS/SSL based authentication:
- Microsoft KB925876 – A Remote Desktop Connection 6.0 client update is available
- Techrepublic – Connect securely to Windows Vista Remote Desktop
Categories
-
Recent Posts
Archives
- January 2020
- December 2019
- July 2019
- February 2019
- January 2019
- December 2018
- November 2018
- September 2018
- July 2018
- March 2018
- January 2018
- September 2017
- August 2017
- June 2017
- May 2017
- April 2017
- January 2017
- December 2016
- August 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- October 2015
- September 2015
- January 2015
- August 2014
- May 2014
- February 2014
- December 2013
- November 2013
- October 2013
- June 2013
- February 2013
- January 2013
- October 2012
- September 2012
- August 2012
- July 2012
- April 2012
- March 2012
- February 2012
- December 2011
- November 2011
- October 2011
- September 2011
- July 2011
- May 2011
- April 2011
- February 2011
- November 2010
- October 2010
- August 2010
- July 2010
- May 2010
- March 2010
- February 2010
- December 2009
- October 2009
- August 2009
- July 2009
- May 2009
- April 2009
- March 2009
- February 2009
- December 2008
- November 2008
- October 2008
- September 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- August 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- August 2006
- March 2006
- February 2006
- January 2006
- October 2005