Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

RDC password transmit security

Posted on 2004-03-31
2
Medium Priority
?
702 Views
Last Modified: 2013-12-04
Hi,
I want to setup a Remote Desktop Connection from my XP laptop over the internet to a Windows 2000 Server running Terminal Services. There is a concern that when connecting using RDC the password is sent in plain text. Can someone confirm this for me, or point me to where I can find out for sure.
If this is the case, what can be done to increase the security of the password info being sent.
Thanks,
Bill
0
Comment
Question by:westone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 1000 total points
ID: 10728890
TS (aka remotedesktop) uses RDP, all information is encoded/encrypted. No password is sent in plain text. I've looked into this many times, you can use a program like ethereal to see, the username however is PT!! At least from my experiments it is.
http://www.windowsecurity.com/articles/Windows_Terminal_Services.html Remember the encryption level is set on the server, not the client connecting to the server. (low encryption is the defualt)

As far as I can tell, there are no real RDP type "crackers"- something that can decrypt what is being sent between host's, without knowledge of the cookie/token exchanged between to two. There are BruteForcers for the password's and usernames. These BF programs will try a username, then start sending passwords, from a dictionary, or generated to try to guess their way into a server. I recommend to my clients to change the port that your TS listen's on, and if using XP to connect to a TS, you can specify this port in the "connect to" field. Connect to: 10.10.10.10:9742  The colon then the port number. If using win2k or lesser to connect to a TS with a port other than 3389, you need to create a CNS file... see the article below.

TS is just like being at the console of a PC or server, even if it's in a domain or AD- with TS YOU CANNOT BE LOCKED OUT BY GUESSING PASSWORDS. You can be disconnected after a few attempts... however you can reconnect as you wish and resume. This is by no means quick, but if someone want's in, they'll keep at it. Change the default port if possible.

Also, you can use a VPN to connect to a server with an encrypted tunnel, then use TS, this will easily increase the security of your transmissions.
http://support.microsoft.com/default.aspx?scid=187623 (change the ts ports)
http://support.microsoft.com/default.aspx?scid=kb;en-us;326945
http://support.microsoft.com/default.aspx?scid=kb;en-us;306759 (xp)
http://support.microsoft.com/default.aspx?scid=kb;en-us;304304 (xp)
GL!
-rich
0
 

Author Comment

by:westone
ID: 10731474
Just what I needed to know, Thanks!
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question