Solved

RDP, XP to XP while preventing a Man in the Middle attack

Posted on 2009-05-11
8
1,319 Views
Last Modified: 2013-11-21
XP to XP RDP while preventing the possibility Man in the middle attack.

 I am working inside a network and can get RDP to work just fine. We only use RDP inside our network or when connecting with a VPN.  What I am trying to do secure the connections using certificates ? if that is the way to do it ?.  I have upgraded my RDP to 6.0.6001 on my client machines and I have been able to get the certificates to be passed to me from Server2003 and Vista.  The issue is getting the XP computers to pass certificates or authenticate to the server when connecting to another XP machine.  

If anyone has set this up or knows how to do it please let me know.

This is what I have tried:
http://support.microsoft.com/kb/895433

Created a CA certificate
Made sure that the computers have the certificate as trusted.
Modified the client registry on the XP computers that I am testing.
Tried to connect using authentication but have not had any luck.  
I can get the XP cleints to connect to each other without using server authentication.
0
Comment
Question by:PJC777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
8 Comments
 

Author Comment

by:PJC777
ID: 24359736
Here is the error that I am getting.
0
 
LVL 30

Accepted Solution

by:
IanTh earned 250 total points
ID: 24373582
0
 

Author Comment

by:PJC777
ID: 24417338
How do you get the XP computer to authenticate with your certificate server when connecting to another XP computer? Is that how it should work?
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 30

Expert Comment

by:IanTh
ID: 24423694
you did not attach your error btw
0
 

Author Comment

by:PJC777
ID: 24423836
Take two on the error...
0
 

Author Comment

by:PJC777
ID: 24423892
My screen print isnt working so here is the error:

Remote desktop connection.

Your remote desktop connection failed because the remote computer cannot be authenticated.

Your computer's setting do not allow connection to this remote computer because it cannot be identified. Either it is running a version of windows earlier then Windows Vista, or is not configured to support server authentication.

For a assistance contact your network administrator or the owner of the remote computer.
0
 
LVL 63

Assisted Solution

by:SysExpert
SysExpert earned 250 total points
ID: 24426548
It sounds like certificates are not supported on XP. Need Vista or newer

Use VNC instead....

0
 

Author Closing Comment

by:PJC777
ID: 31580350
Still unsure if it is posible to use certificates while connecting an XP computer to an XP computer using RDP.  VNC works but then it's an application that needs to be installed and configured per computer. This has been a requirement pushed to us through an IS audit. Thanks for your help.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question