Re: How secured is Remote Desktop?
- From: "Chris Priede" <priede@xxxxxxxxx>
- Date: Tue, 29 Nov 2005 06:15:28 -0500
Hi,
Techmanblues wrote:
> How secured is Remote Desktop in its default settings when both
> machines are XP Pro with the latest patches? Obviously the initial
> handshaking when username and password are sent is encrypted, but is
> subsequent data tranfer also encrypted as well?
Yes.
> If so how strong is the encryption?
The highest available encryption level is used by default, which amounts to
128-bit RC4. There are some flaws with it -- plaintext checksums make a
cryptoanalysis attack potentially easier than it should be -- however, it's
still quite well encrypted and the keys are unique to each session.
The single layer of authentication (username and password only) is usually a
more serious problem. For high security requirements, consider wraping RDP
access with a VPN and smart card or certificate authentication.
For personal use, make sure your Windows user accounts have decent
passwords. If you only connect from certain locations (e.g. from the office
to your home computer) you can configure your firewall (or router, if there
is one) to only allow RDP connections from certain IP addresses or address
blocks.
--
Chris Priede
I
.
- Prev by Date: Re: How secured is Remote Desktop?
- Next by Date: Re: RDC to PC on domain
- Previous by thread: Re: How secured is Remote Desktop?
- Next by thread: Re: RDC to PC on domain
- Index(es):
Relevant Pages
|
