?
Solved

Does RDP on Windows Vista encrypt credentials?

Posted on 2010-01-08
2
Medium Priority
?
452 Views
Last Modified: 2013-12-09
I bring my laptop with me when I travel and am concerned about security on "public" wifi's such as airport/hotel/resort when I want to use them to rdp into my business servers.  What is the risk of 'sniffers' or other users viewing my traffic on my wifi? In terms of key logging and especially sending credential when I launch the rdp client on windows vista and use the wifi to stay connected to my rdp server.  No I do not have a vpn setup.  What are my risks? and can the wifi node log all key presses?

Also I have heard of malicious schemes that involve users running wifi nodes with similar names to the public thereby confusing users into picking "Seattle Airport Public Wifi" vs "SEATWIFIPUB"(the real one in this example). Can anyone offer any thoughts on this?
0
Comment
Question by:forexguy1000
2 Comments
 
LVL 5

Accepted Solution

by:
marcokrecic earned 1000 total points
ID: 26214610
Every version of RDP uses RSA Securitys RC4 cipher, a stream cipher designed to efficiently encrypt small amounts of varying size data. RC4 is designed for secure communications over networks, and is also used in protocols such as SSL, which encrypts traffic to and from secure Web sites.

The only risk is a vulnerability in RDP protocol or in the RDP CLIENT.

If you regularly update your system (automatic updates) I think your rdp connection credentials are safe.
0
 
LVL 5

Assisted Solution

by:rparsons1000
rparsons1000 earned 1000 total points
ID: 26240587
as marcokrecic mentioned you need not be concerened about encryption so much providing you have the latest client.

However, the later part of your email mentions an issue of a sort of spoofing your server which is entirely possilbe (see link below). I highly recomment you utilize a certificate server to verify the identity of the server if you are concerned about that. You'll want to install the cert on your workstation once complete since you won't be able to validate the Certificate Server unless on VPN.

http://aob.kunis.nl/2009/03/howto-man-in-the-middle-apr-rdp-cain-abel/

0

Featured Post

Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question