changjia
asked on
Windows Remote Desktop Protocol Private Key Disclosure
Hi Experts:
Our security scan shows us that we have a vunerbility called "Windows Remote Desktop Protocol Private Key Disclosure". I have searched all over the internet but can't seem to find a solution.
Could someone what I need to do to fix this?
We are running Windows server 2003 R2 with SP2.
Thanks
Our security scan shows us that we have a vunerbility called "Windows Remote Desktop Protocol Private Key Disclosure". I have searched all over the internet but can't seem to find a solution.
Could someone what I need to do to fix this?
We are running Windows server 2003 R2 with SP2.
Thanks
ASKER
Hi Nsx106052,
From reading the article, I have learn that the solution is to Force the use of SSL as a transport layer for this service.
Do you know how to do that?
Thanks
From reading the article, I have learn that the solution is to Force the use of SSL as a transport layer for this service.
Do you know how to do that?
Thanks
You will need to configure it in Group policy:
computer configuration/administrati ve templates/windows components/terminal services/encryption and security
computer configuration/administrati
ASKER
It has always been set to high and require secure connection, how come the scan still shows the vunerbility?
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.vulnerabilityscanning.com/Microsoft-Windows-Remote-Desktop-Protocol-Server-P-Test_18405.htm
Another thing to consider may be to create local firewall policies to only allow RDP traffic from the local subnet. Also check to make sure the computer is up to date with all the latest MS security patches.