Solved

Is Windows Remote Desktop connection secure

Posted on 2016-08-28
8
33 Views
Last Modified: 2016-08-28
We just came up with a link that would supposedly secure a Windows Remote Desktop connection (see link below)

http://www.howtogeek.com/175087/how-to-enable-and-secure-remote-desktop-on-windows/

Open in new window


We always thought that RDP was secure until we saw this link.  That means that without setting this up, the connection to the remote computer is totally open and eyes can come in and spy on.

Question,

without the setup described in the link, RDP is not secure?

If we must follow the link in order to make it secure, this has to be done in both computers?

Please advice on what to consider.

Thank you in advance.
0
Comment
Question by:rayluvs
  • 4
  • 3
8 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 41774237
Most windows  RDP servers have an SSL certificate (3rd party or self issued) using port 443.
RDP itself is an encrypted session.
So they should be encrypted depending upon who set it up.
0
 

Author Comment

by:rayluvs
ID: 41774246
Please note, we are referring to Windows Remote Desktop, we don't use no 3rd party apps.

That sais, and besides our use of computer-to-server, we also use computer-to-computer; would this also be secured (computer-to-computer)?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41774248
Peer-to-Peer RDP on Windows machines is not considered absolutely secure. I can tell you from personal experience that using it in a PCI environment causes a fail in an audit. You can make a fully secure remote desktop system if you use RDS and go through the extra steps of securing the communication using an SSL layer.

All that being said, for most practical purposes, Windows RDP, even peer-to-peer, is secure enough for most standard cases as long as you set it up to only allow more secure connections.
0
 

Author Comment

by:rayluvs
ID: 41774253
Thanx for the info.

So to go back to our original question,

Without the setup described in the link, RDP is not secure?

If we must follow the link in order to make it secure, this has to be done in both computers?

0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 20

Accepted Solution

by:
Russ Suter earned 500 total points
ID: 41774255
Following the instructions in the link will definitely enhance the security. However TLS 1.0 is no longer considered fully secure although to truly exploit its vulnerability requires some serious hardware. Without following the advice in the link you're at the mercy of Windows security which is basically an oxymoron.
0
 

Author Comment

by:rayluvs
ID: 41774260
Ok, that answer the first part; the; last part of the question,

so by following the link to set the additional security, should this be done in both computers?
0
 
LVL 20

Assisted Solution

by:Russ Suter
Russ Suter earned 500 total points
ID: 41774263
It needs to be done on each PC that will be on the receiving end of the RDP session. If you're on a computer that will never receive an RDP request then you don't need to do anything. RDP is disabled by default.
0
 

Author Comment

by:rayluvs
ID: 41774265
Thanx!
0

Featured Post

ScreenConnect 6.0 Free Trial

Explore all the enhancements in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
RDS Client Access Licensing 5 43
512kbps tMobile hotspot for Remote Access (eg team viewer)? 11 73
Windows 2012 Remote Apps Question 2 70
Wake on LAN 12 44
In this article, I'll explain how to setup a Plex Media Server (https://plex.tv/) on a Redhat (Centos) 7 based NAS with screenshots to help those looking for assistance.  What is Plex? If you aren't familiar with Plex, it’s a DLNA media serv…
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now