Solved

Is remote desktop over the internet secure?

Posted on 2008-10-27
5
1,014 Views
Last Modified: 2013-12-04
I have two Windows Vista Machines that I use to connect to one via Remote Desktop Connection. I use to use Quick VPN with my WRVS4400N Linksys router until it became unreliable. I have setup port forwarding to my desktop computer through this router. I can now connect to this computer by using my ISP assigned address remotely through the internet. How secure is this compared to me connecting with my Linksys Quick VPN, when it was working? What should I be worried about connecting to my computer remotely in this way? Thanks in advance!
0
Comment
Question by:jbyrd1981
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 16

Accepted Solution

by:
sh0e earned 400 total points
ID: 22818920
RDP is encrypted, so it's not communicating in plain-text.

Good tutorial on how to configure RDP to be more secure.
http://www.mobydisk.com/techres/securing_remote_desktop.html
0
 
LVL 4

Expert Comment

by:whsum
ID: 22818964
RDP is secure but you only have one level of protection by exposing your RDP directly to the internet. With the Quick VPN, would be hackers will need to hack another layer before being able to access the RDP login.

I would say RDP is secure, providing you have correctly set your router to expose the single port necessary and that you have only enabled limited access accounts with secure passwords.
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 22819666
The main issue with RDP is the fact that there is only single factor authentication as whsum suggests.  I would strongly recommend implementing a VPN and then connecting to RDP using the VPN, rather than a straight connection to RDP over the web.

0
 
LVL 16

Assisted Solution

by:cantoris
cantoris earned 100 total points
ID: 22820494
I prefer to set up an SSH2 server on the PC and configure RDP to be forwarded over it rather than expose port 3389 directly.

Here's an SSH server (free for personal non-commercial use):
http://www.bitvise.com/winsshd
And the SSH client:
http://www.bitvise.com/tunnelier  - it supports single-click remote desktop port forwarding.

It's a little more work but an extra layer of security without messing with VPNs.
0
 
LVL 16

Assisted Solution

by:sh0e
sh0e earned 400 total points
ID: 22822074
Actually, if you need end-point authentication for reducing MITM risks, RDP supports SSL/TLS and CredSSP.
Just make sure RDP is updated to the latest version on both the client and server end.
End-point authentication is negotiated, so if it warns you about connecting less securely, don't connect.

This feature is supported only on more recent versions, but this includes Vista so you should be fine.

Latest client software.  Should also be available through Windows Update:
http://www.microsoft.com/downloads/details.aspx?familyid=6E1EC93D-BDBD-4983-92F7-479E088570AD&displaylang=en

Picture below shows the option that references what I am talking about.
untitled.PNG
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question