RE: Security of Remote Desktop Connection VS Remote Desktop Web Connec

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Patrick Rouse [MVP] (PatrickRouseMVP_at_discussions.microsoft.com)
Date: 09/03/04 

Date: Fri, 3 Sep 2004 14:13:01 -0700

In the purest sense, the regular Remote Desktop Client is more secure,
because it requires only one port to be open in your firewall, port 3389.
All the RDWC does is deliver the ActiveX Client & connection settings to the
Internet Explorer Client. Once the ActiveX Client & connection settings are
loaded all communication itakes place between the Remote Desktop Client &
Terminal Server over port 3389. The web server does not contact the TS in
any way.

Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com

"WorldDreams" wrote:

> I am setting up a test bed Windows 2003 Terminal server and have the
> following security questions.
>
> Which client is more secure for a 2003 Terminal Server connection?
> Remote Desktop Connection or the Remote Desktop Web Connection? The
> main concern is remote connections from outside the network.
>
> I have noticed that I can run of the Remote Desktop Connection setting
> the encryption level to FIPS and the web client can be turned off via
> not having the TSWEB exist. An addition level of security is given to
> the web client via having the web password protected.
>
> Port 3389 and 82(web server) do both of these ports need to be open
> for the Remote Desktop Web Connection?
>
> Port 82(web server) and 3389 do both of these ports need to be open
> for the Remote Desktop Connection?
>

Relevant Pages

  • Re: interfaces lo:1 lo:2 lo:3? (for remote ssh tunnels)
    ... That's the problem tunneling (port forwarding) solves. ... >>can't get past the client firewall. ... > I don't understand why the server would be making the ... server initiates another connection to the client -- in this ...
    (Debian-User)
  • Re: RWW Misbehaving
    ... through click Start and Accessories and Communications and Remote Desktop ... 828053 ISA Server prevents connection to a remote desktop when you connect ... Can you connect to the computer on SBS and other client computer via ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Using Remote Desktop From an SBS Domain
    ... Internet connection, bypassing my SBS/ISA network all together. ... end of a Remote Desktop connection and have found little about it. ... the port number you connect to from 80 to a port of your ...
    (microsoft.public.windows.server.sbs)
  • Re: Using Remote Desktop From an SBS Domain
    ... when you tried to RDP while attached directly to a port on your router? ... So if 3389 needs forwarded on the client end too then that is what the ... Hopefully next week I can attempt a connection while my ISP watches the ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Desktop Office to Home PC
    ... > permanent DSL Connection and a DynamicDNS Account) - IT WORKS from ... then why can I connect to my home-router through the same port ... > Essentially - you just said you have a home router (assuming cable ... > Remote Desktop port) by ways of a Remote Desktop Client. ...
    (microsoft.public.windowsxp.work_remotely)