Solved

Is Windows Remote Desktop connection secure

Posted on 2016-08-28
8
30 Views
Last Modified: 2016-08-28
We just came up with a link that would supposedly secure a Windows Remote Desktop connection (see link below)

http://www.howtogeek.com/175087/how-to-enable-and-secure-remote-desktop-on-windows/

Open in new window


We always thought that RDP was secure until we saw this link.  That means that without setting this up, the connection to the remote computer is totally open and eyes can come in and spy on.

Question,

without the setup described in the link, RDP is not secure?

If we must follow the link in order to make it secure, this has to be done in both computers?

Please advice on what to consider.

Thank you in advance.
0
Comment
Question by:rayluvs
  • 4
  • 3
8 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 41774237
Most windows  RDP servers have an SSL certificate (3rd party or self issued) using port 443.
RDP itself is an encrypted session.
So they should be encrypted depending upon who set it up.
0
 

Author Comment

by:rayluvs
ID: 41774246
Please note, we are referring to Windows Remote Desktop, we don't use no 3rd party apps.

That sais, and besides our use of computer-to-server, we also use computer-to-computer; would this also be secured (computer-to-computer)?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41774248
Peer-to-Peer RDP on Windows machines is not considered absolutely secure. I can tell you from personal experience that using it in a PCI environment causes a fail in an audit. You can make a fully secure remote desktop system if you use RDS and go through the extra steps of securing the communication using an SSL layer.

All that being said, for most practical purposes, Windows RDP, even peer-to-peer, is secure enough for most standard cases as long as you set it up to only allow more secure connections.
0
 

Author Comment

by:rayluvs
ID: 41774253
Thanx for the info.

So to go back to our original question,

Without the setup described in the link, RDP is not secure?

If we must follow the link in order to make it secure, this has to be done in both computers?

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 20

Accepted Solution

by:
Russ Suter earned 500 total points
ID: 41774255
Following the instructions in the link will definitely enhance the security. However TLS 1.0 is no longer considered fully secure although to truly exploit its vulnerability requires some serious hardware. Without following the advice in the link you're at the mercy of Windows security which is basically an oxymoron.
0
 

Author Comment

by:rayluvs
ID: 41774260
Ok, that answer the first part; the; last part of the question,

so by following the link to set the additional security, should this be done in both computers?
0
 
LVL 20

Assisted Solution

by:Russ Suter
Russ Suter earned 500 total points
ID: 41774263
It needs to be done on each PC that will be on the receiving end of the RDP session. If you're on a computer that will never receive an RDP request then you don't need to do anything. RDP is disabled by default.
0
 

Author Comment

by:rayluvs
ID: 41774265
Thanx!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Remote Desktop Connections allow you to control remote host machines via the magic of the Internet and RDP (Remote Desktop Protocol). For the purposes of this article we will assume you are connecting from your home PC or laptop to a remote offic…
Let’s list some of the technologies that enable smooth teleworking. 
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now