Avatar of corecc
corecc
 asked on

RDP security

I have an employee working remotely over RDP from a windows 7 machine to other windows 7 over the internet. The Broadband line I am using is fairly slow and I have no alternatives apart from a leased line which is too expensive. I have used Logmein and a VPN and it is all to slow but the RDP connection is fast enough for him to use but I am concerned about security. I have set it up so only his IP address can access the PC but I cannot see how I can beef up the RDP encryption. I have Googled around and all I can see is stuff on server 2008 terminal services, which is not relevant to this setup.

Is there a way to increase the encryption on an RDP connection? and how safe is this setup?
Microsoft Legacy OSOS SecurityEncryption

Avatar of undefined
Last Comment
Tony J

8/22/2022 - Mon
Tony J

I'm not aware of any 'in the wild' RDP vulnerabilities that haven't been long since patched - it's always important to patch anything you are connecting to the net of course.

You could always enable TLS/SS::
http://support.microsoft.com/kb/895433

http://technet.microsoft.com/en-us/library/cc775904(v=ws.10)
AdamCz

Are you using VPN on Windows 2008? If yes choose one of the tunelling protocols :

http://technet.microsoft.com/en-us/library/cc771298%28WS.10%29.aspx

Also on remote Windows 7 Remote settings check "Select Allow connections only from computers running Remote Desktop with Network Level Authentication"

Regards
f
Tony J

Sorry - I completely misread this question.

NLA is certainly a good idea.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
McKnife

Hi.

After connecting via RDP, do you see a padlock in the connection bar at the top of the screen? If yes, click the padlock - what does it say?
corecc

ASKER
Hi McKnife,

No I do not see any Padlock.

Can I apply a certificate to the connection as I always get an error atconnection telling me the remote computer cannot be verified. do you want to continue?

Also to stop being hacked I imagine I should have a time out on the login if a password fails is that possible?
ASKER CERTIFIED SOLUTION
McKnife

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Tony J

May I ask why I got zero points? McKnife only pointed to an alternative source of the same information I provided.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.