Solved

RDC password transmit security

Posted on 2004-03-31
2
685 Views
Last Modified: 2013-12-04
Hi,
I want to setup a Remote Desktop Connection from my XP laptop over the internet to a Windows 2000 Server running Terminal Services. There is a concern that when connecting using RDC the password is sent in plain text. Can someone confirm this for me, or point me to where I can find out for sure.
If this is the case, what can be done to increase the security of the password info being sent.
Thanks,
Bill
0
Comment
Question by:westone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 250 total points
ID: 10728890
TS (aka remotedesktop) uses RDP, all information is encoded/encrypted. No password is sent in plain text. I've looked into this many times, you can use a program like ethereal to see, the username however is PT!! At least from my experiments it is.
http://www.windowsecurity.com/articles/Windows_Terminal_Services.html Remember the encryption level is set on the server, not the client connecting to the server. (low encryption is the defualt)

As far as I can tell, there are no real RDP type "crackers"- something that can decrypt what is being sent between host's, without knowledge of the cookie/token exchanged between to two. There are BruteForcers for the password's and usernames. These BF programs will try a username, then start sending passwords, from a dictionary, or generated to try to guess their way into a server. I recommend to my clients to change the port that your TS listen's on, and if using XP to connect to a TS, you can specify this port in the "connect to" field. Connect to: 10.10.10.10:9742  The colon then the port number. If using win2k or lesser to connect to a TS with a port other than 3389, you need to create a CNS file... see the article below.

TS is just like being at the console of a PC or server, even if it's in a domain or AD- with TS YOU CANNOT BE LOCKED OUT BY GUESSING PASSWORDS. You can be disconnected after a few attempts... however you can reconnect as you wish and resume. This is by no means quick, but if someone want's in, they'll keep at it. Change the default port if possible.

Also, you can use a VPN to connect to a server with an encrypted tunnel, then use TS, this will easily increase the security of your transmissions.
http://support.microsoft.com/default.aspx?scid=187623 (change the ts ports)
http://support.microsoft.com/default.aspx?scid=kb;en-us;326945
http://support.microsoft.com/default.aspx?scid=kb;en-us;306759 (xp)
http://support.microsoft.com/default.aspx?scid=kb;en-us;304304 (xp)
GL!
-rich
0
 

Author Comment

by:westone
ID: 10731474
Just what I needed to know, Thanks!
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question