Solved

Is remote desktop over the internet secure?

Posted on 2008-10-27
5
1,000 Views
Last Modified: 2013-12-04
I have two Windows Vista Machines that I use to connect to one via Remote Desktop Connection. I use to use Quick VPN with my WRVS4400N Linksys router until it became unreliable. I have setup port forwarding to my desktop computer through this router. I can now connect to this computer by using my ISP assigned address remotely through the internet. How secure is this compared to me connecting with my Linksys Quick VPN, when it was working? What should I be worried about connecting to my computer remotely in this way? Thanks in advance!
0
Comment
Question by:jbyrd1981
5 Comments
 
LVL 16

Accepted Solution

by:
sh0e earned 400 total points
ID: 22818920
RDP is encrypted, so it's not communicating in plain-text.

Good tutorial on how to configure RDP to be more secure.
http://www.mobydisk.com/techres/securing_remote_desktop.html
0
 
LVL 4

Expert Comment

by:whsum
ID: 22818964
RDP is secure but you only have one level of protection by exposing your RDP directly to the internet. With the Quick VPN, would be hackers will need to hack another layer before being able to access the RDP login.

I would say RDP is secure, providing you have correctly set your router to expose the single port necessary and that you have only enabled limited access accounts with secure passwords.
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 22819666
The main issue with RDP is the fact that there is only single factor authentication as whsum suggests.  I would strongly recommend implementing a VPN and then connecting to RDP using the VPN, rather than a straight connection to RDP over the web.

0
 
LVL 16

Assisted Solution

by:cantoris
cantoris earned 100 total points
ID: 22820494
I prefer to set up an SSH2 server on the PC and configure RDP to be forwarded over it rather than expose port 3389 directly.

Here's an SSH server (free for personal non-commercial use):
http://www.bitvise.com/winsshd
And the SSH client:
http://www.bitvise.com/tunnelier  - it supports single-click remote desktop port forwarding.

It's a little more work but an extra layer of security without messing with VPNs.
0
 
LVL 16

Assisted Solution

by:sh0e
sh0e earned 400 total points
ID: 22822074
Actually, if you need end-point authentication for reducing MITM risks, RDP supports SSL/TLS and CredSSP.
Just make sure RDP is updated to the latest version on both the client and server end.
End-point authentication is negotiated, so if it warns you about connecting less securely, don't connect.

This feature is supported only on more recent versions, but this includes Vista so you should be fine.

Latest client software.  Should also be available through Windows Update:
http://www.microsoft.com/downloads/details.aspx?familyid=6E1EC93D-BDBD-4983-92F7-479E088570AD&displaylang=en

Picture below shows the option that references what I am talking about.
untitled.PNG
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now