Solved

Remote Desktop SSL Settings and Certificate Aquire

Posted on 2009-05-11
4
2,702 Views
Last Modified: 2013-11-21
I received this failure for a monthly scanning service.
How do I aquire a certificate for my remote desktop server to complete this?
How do I accomplish all this?

Synopsis : It may be possible to get access to the remote host. Description : The remote version of Remote Desktop Protocol Server (Terminal Service) is vulnerable to a man in the middle attack. An attacker may exploit this flaw to decrypt communications between client and server and obtain sensitive information (passwords, ...). Solution: Force the use of SSL as a transport layer for this service. See also : http://www.oxid.it/downloads/rdp-gbu.pdf http://technet.microsoft.com/en-us/libra ry/cc782610.aspx Risk Factor: Medium  / CVSS Base Score : 5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P) CVE : CVE-2005-1794 BID : 13818 Other references : OSVDB:17131

Thanks!
0
Comment
Question by:rickpary
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 24379953
A normal web server certificate is fine - from your own CA or commericial CA (e.g. godaddy) and should be installed on the TS server and TS gateway (TSG) if you have one.

RDP 6.0 to support which came with XP SP2 and should work okay, however it is recommended that you go with RDP 6.1 that shipped with the latest service packs for each OS.  This provides the ability to have SAN certs (multiple names in the same cert - i.e. you can have hostname, dns name, dns aliases, IP addresses, etc.), better support for remote printing, etc.  

You can get just the RDP 6.1 client installer her if you aren't ready to roll out XP SP3 yet, so you can use the newest version:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6E1EC93D-BDBD-4983-92F7-479E088570AD&displaylang=en


A description of RDP 6.1 and its features is here:
http://support.microsoft.com/kb/951616

Description of RDP 6.0 is here and mentions TSG:
http://support.microsoft.com/kb/925876
0
 
LVL 31

Assisted Solution

by:Paranormastic
Paranormastic earned 500 total points
ID: 24379972
0
 

Author Comment

by:rickpary
ID: 25172132
Can someone walk me thru this?
I just need to create a certificate and install it.
THe above is confusing.
Thank You
0
 

Author Comment

by:rickpary
ID: 25172279
I am running Microsoft Windows Server 2003 for Small Business Server SP2.
How do I create and install the certificate?
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description: Actually I found the below issue with some customers after migration from SMS 2003 to SCCM 2007 and epically if they change site code, some clients may appear in the console with old site code, plus old sites still appearing …
Know what services you can and cannot, should and should not combine on your server.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question