Solved

Is Remote Desktop Safe?

Posted on 2005-05-02
Last Modified: 2013-12-04
Hello my friends,

I was just wondering if using Remote Desktop in Windows Server 2003 is completely safe.  Can I Remote Desktop to another computer for long periods of time without having to worry about naughty hackers getting hold of my system or putting viruses into it?

Thank you so much,


Jazon Samillano
Question by:piratepatrol
LVL 97

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 1000 total points
ID: 13914540
First, unless you're running a business where intellectual property is a strong part of your business model or your marketing plans will have a significant impact on the market in general, don't start thinking everyone's out to get you.  They aren't.  The VAST majority of "hackers" are trying to use your system for either storage or a coordinated attack on another web site.  No one "puts" a virus on a computer either.  Security holes in Windows and/or poor practices (allowing/using File Sharing Programs such as Kazaa), not running up to date antivirus and/or accepting Office documents from others who might be infected are the most frequent and likely methods of infection.

All that said, if you are going to allow the Remote Desktop port to be open, then there's a security risk.  Significant?  I don't think so, but if you want to be SAFE, you'll set up a VPN.  Then you can VPN to the server and connect over a secure connection.

You can also try RDP over SSH - here's some links for products and info:
http://www.wissh.com/
http://theillustratednetwork.mvps.org/RemoteDesktop/SSH-RDP-VNC/RemoteDesktopVNCandSSH.html
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 1000 total points
ID: 13917414
RD is pretty safe, and you can even turn up the default encryption to a higher bit if you prefer. SSH or any other tunneling protocol is a bit much in my opinion, as I have yet to be able to find a cracker for a "sniffed" RD/TS session, and the only plaintext that can be sniffed from a terminal service/remote desktop session is the username, and that's only when you first log on to the PC you're TS/RD'ing to. Here is how you turn up the encryption level on RD (it's done on the server, the client will be instructed to use a higher level)
http://support.microsoft.com/default.aspx?scid=kb;en-us;814590 this applies to xp as well

The main security hole with RD/TS is the port is very well known, and most scanners have this one added to their list to look for. But the biggest security hole used to be that you could find a TS/RD server, and then try to brute force the local administrator account, because the local admin account can NEVER be locked out, so you're free to guess as much as you like. In XP SP2 and in 2003 SP1 (beta) they have added a fix that makes the local admin account "appear" to be locked out to a RD user, if you type the password wrong 6 times I believe. You can still walk up to the keyboard of the machine and log in as the admin even if RD tells you the account is locked out, which I think is 30 minutes.

leww mentioned using a VPN or tunnel solution such as IPsec or SSH because the port is very well known, and the tunnel adds an extra layer of authentication to the mix, so that only authorized users can access the RD ports because they would be the only ones that can tunnel in to see the port.

With RD you can list users that are allowed to connect, and you can even change the listening port, here are some of my previous posts on this subject:
http://www.experts-exchange.com/Security/Win_Security/Q_21393332.html#13811913
-rich
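
An added example (not part of the original answer) that audits the two server-side settings discussed above, the RDP encryption level and the listening port, from the text that `reg query` prints for the RDP-Tcp key. The sample output is constructed; `MinEncryptionLevel` and `PortNumber` are the registry value names, and the finding wording is this example's own.

```python
import re

# Constructed sample of what this command prints on the server:
#   reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
    MinEncryptionLevel    REG_DWORD    0x2
    PortNumber    REG_DWORD    0xd3d
"""

LEVELS = {1: "Low", 2: "Client Compatible", 3: "High", 4: "FIPS Compliant"}
VALUE_RE = re.compile(r"^\s+(\S+)\s+REG_DWORD\s+(0x[0-9a-fA-F]+)\s*$")

def parse_dwords(text):
    """Return {value_name: int} for every REG_DWORD line in reg query output."""
    values = {}
    for line in text.splitlines():
        m = VALUE_RE.match(line)
        if m:
            values[m.group(1)] = int(m.group(2), 16)
    return values

def audit_rdp(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    values = parse_dwords(text)
    findings = []
    level = values.get("MinEncryptionLevel")
    if level is None:
        findings.append("MinEncryptionLevel not found in the input")
    elif level < 3:
        name = LEVELS.get(level, "unknown")
        findings.append(f"encryption level is {level} ({name}); High is 3")
    # The default port is not a flaw by itself, but it is the one scanners probe.
    if values.get("PortNumber") == 3389:
        findings.append("listening on the default port 3389")
    return findings

if __name__ == "__main__":
    for finding in audit_rdp(SAMPLE):
        print("FINDING:", finding)
```
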
 
LVL 3

Author Comment

by:piratepatrol
ID: 13928295
So I can Remote Desktop to a server for hours and hours and not have to worry about a hacker slipping a virus into my server?  Also, the password is sent from my keyboard to the server with encryption, right?
LVL 97

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 1000 total points
ID: 13928375
Yes, the password is encrypted - I've seen this first hand at a test we did at my last job, monitoring packets with a few linux tools.

As we've said, the RDP system is by no means foolproof.  BUT it's not using cleartext either and it does have a level of encryption.  And to be safer, you can use a VPN and/or an SSH tunnel to connect.
 
LVL 3

Author Comment

by:piratepatrol
ID: 13928639
Thank you so much
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 14324967
Rdp just got less secure...
Cain & Abel v2.7.3 released
New features:
- RDPv4 session sniffer for APR
Cain can now perform man-in-the-middle attacks against the heavy encrypted Remote Desktop Protocol (RDP), the one used to connect to the Terminal Server service of a remote Windows computer. The entire session from/to the client/server is decrypted and saved to a text file. Client-side key strokes are also decoded to provide some kind of password interception. The attack can be completely invisible because of the use of APR (Arp Poison Routing) and other protocol weakness.
-rich
 
LVL 3

Author Comment

by:piratepatrol
ID: 14331464
Oh my God, this sucks!  Is it gonna be up to Microsoft to come up with a patch against this?
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 14333710
It's hard to patch against properly, in fact M$ has patched this one before, and this ARP poisoning attack would work best on the LAN, or if you gathered enough information about an internet host, you could conceivably do this with some success on internet hosts. It does require you to have poisoning set up prior to a TS/RD session. This isn't much different than the SMBRelay tools that have been around for some time. Read the PDF on their site for more info, again you'd have to be poisoning prior for the attack to work.
http://www.oxid.it/downloads/rdp-gbu.pdf
-rich
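
Because the attack described above depends on ARP poisoning being in place before the session starts, a client can compare its ARP table against a known-good snapshot before connecting. The following is an added example, not part of the original thread or of any tool it mentions; the `arp -a` snapshots and every address in them are constructed, and `watch_ip` is the RDP server on the same LAN (use the default gateway's address for a routed connection).

```python
import re
from collections import defaultdict

# Constructed `arp -a` snapshots (Windows format); all addresses are made up.
BASELINE = """
Interface: 192.168.1.50 --- 0x2
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-55     dynamic
  192.168.1.10          00-11-22-66-77-88     dynamic
  192.168.1.77          00-aa-bb-cc-dd-ee     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""
# Same table later: the RDP server 192.168.1.10 now resolves to .77's MAC.
CURRENT = BASELINE.replace("00-11-22-66-77-88", "00-aa-bb-cc-dd-ee")

ENTRY_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+\w+\s*$",
    re.IGNORECASE)

def parse_arp(text):
    """Return {ip: mac} for the unicast entries of `arp -a` output."""
    table = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m and not int(m.group(2)[:2], 16) & 1:  # skip broadcast/multicast MACs
            table[m.group(1)] = m.group(2).lower()
    return table

def poisoning_signs(baseline, current, watch_ip):
    """Compare two snapshots; report why watch_ip's ARP entry looks spoofed."""
    base, now = parse_arp(baseline), parse_arp(current)
    signs = []
    if watch_ip in base and watch_ip in now and base[watch_ip] != now[watch_ip]:
        signs.append(f"{watch_ip} changed MAC: {base[watch_ip]} -> {now[watch_ip]}")
    by_mac = defaultdict(list)
    for ip, mac in now.items():
        by_mac[mac].append(ip)
    # One MAC answering for the watched IP and for another host is the second sign.
    shared = sorted(by_mac.get(now.get(watch_ip), []))
    if len(shared) > 1:
        signs.append(f"{now[watch_ip]} answers for {', '.join(shared)}")
    return signs

if __name__ == "__main__":
    for sign in poisoning_signs(BASELINE, CURRENT, "192.168.1.10"):
        print("WARNING:", sign)
```

A shared MAC can also be legitimate (one device holding several IP addresses, or proxy ARP), so treat a hit as a reason to verify before logging on rather than as proof.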