Secure RDP with WS2003 and Vista

Microsoft’s RDP protocol is used extensively throughout the world in many organisations as well as SOHO and home users. However, some people say things like it’s fine from a security stand-point as it’s encrypted – and well yes…. it is encrypted… BUT:

  • Server authentication – RDP does not provide authentication to a terminal server
  • Hacking tools such as TS Grinder/TSCrack can be used

To try and mitigate this weakness you can use TLS/SSL over RDP which will also increase the encryption level, in addition Microsoft now support FIPS compliant levels with Windows Server 2003 SP1/SP2, Windows XP SP2, Windows Vista and when released Windows Server Longhorn. You can also configure client computers with the trusted certificate to be the only devices allowed to connect.

Listed below are links for further research and step-by-step procedures, so you can start to implement this today!

Bookmark the permalink.