Does RDP on Windows Vista encrypt credentials?

Posted on 2010-01-08
Last Modified: 2013-12-09
I bring my laptop with me when I travel and am concerned about security on "public" wifi's such as airport/hotel/resort when I want to use them to rdp into my business servers.  What is the risk of 'sniffers' or other users viewing my traffic on my wifi? In terms of key logging and especially sending credential when I launch the rdp client on windows vista and use the wifi to stay connected to my rdp server.  No I do not have a vpn setup.  What are my risks? and can the wifi node log all key presses?

Also I have heard of malicious schemes that involve users running wifi nodes with similar names to the public thereby confusing users into picking "Seattle Airport Public Wifi" vs "SEATWIFIPUB"(the real one in this example). Can anyone offer any thoughts on this?
Question by:forexguy1000
    LVL 5

    Accepted Solution

    Every version of RDP uses RSA Securitys RC4 cipher, a stream cipher designed to efficiently encrypt small amounts of varying size data. RC4 is designed for secure communications over networks, and is also used in protocols such as SSL, which encrypts traffic to and from secure Web sites.

    The only risk is a vulnerability in RDP protocol or in the RDP CLIENT.

    If you regularly update your system (automatic updates) I think your rdp connection credentials are safe.
    LVL 5

    Assisted Solution

    as marcokrecic mentioned you need not be concerened about encryption so much providing you have the latest client.

    However, the later part of your email mentions an issue of a sort of spoofing your server which is entirely possilbe (see link below). I highly recomment you utilize a certificate server to verify the identity of the server if you are concerned about that. You'll want to install the cert on your workstation once complete since you won't be able to validate the Certificate Server unless on VPN.


    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
    For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
    This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
    The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now