Solved

Remote Desktop SSL Settings and Certificate Aquire

Posted on 2009-05-11
4
2,689 Views
Last Modified: 2013-11-21
I received this failure for a monthly scanning service.
How do I aquire a certificate for my remote desktop server to complete this?
How do I accomplish all this?

Synopsis : It may be possible to get access to the remote host. Description : The remote version of Remote Desktop Protocol Server (Terminal Service) is vulnerable to a man in the middle attack. An attacker may exploit this flaw to decrypt communications between client and server and obtain sensitive information (passwords, ...). Solution: Force the use of SSL as a transport layer for this service. See also : http://www.oxid.it/downloads/rdp-gbu.pdf http://technet.microsoft.com/en-us/libra ry/cc782610.aspx Risk Factor: Medium  / CVSS Base Score : 5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P) CVE : CVE-2005-1794 BID : 13818 Other references : OSVDB:17131

Thanks!
0
Comment
Question by:rickpary
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 24379953
A normal web server certificate is fine - from your own CA or commericial CA (e.g. godaddy) and should be installed on the TS server and TS gateway (TSG) if you have one.

RDP 6.0 to support which came with XP SP2 and should work okay, however it is recommended that you go with RDP 6.1 that shipped with the latest service packs for each OS.  This provides the ability to have SAN certs (multiple names in the same cert - i.e. you can have hostname, dns name, dns aliases, IP addresses, etc.), better support for remote printing, etc.  

You can get just the RDP 6.1 client installer her if you aren't ready to roll out XP SP3 yet, so you can use the newest version:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6E1EC93D-BDBD-4983-92F7-479E088570AD&displaylang=en


A description of RDP 6.1 and its features is here:
http://support.microsoft.com/kb/951616

Description of RDP 6.0 is here and mentions TSG:
http://support.microsoft.com/kb/925876
0
 
LVL 31

Assisted Solution

by:Paranormastic
Paranormastic earned 500 total points
ID: 24379972
0
 

Author Comment

by:rickpary
ID: 25172132
Can someone walk me thru this?
I just need to create a certificate and install it.
THe above is confusing.
Thank You
0
 

Author Comment

by:rickpary
ID: 25172279
I am running Microsoft Windows Server 2003 for Small Business Server SP2.
How do I create and install the certificate?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question