Link to home
Start Free TrialLog in
Avatar of LockDown32
LockDown32Flag for United States of America

asked on

Isn't RDP still and acceptable Remote Desktop Protocol?

I have a customer who emailed today and they were told by their insurance company that they have a major flaw in their system. That they are using RDP. I guess they used a port scanner. Anyway… Isn't RDP still an industry standard way of remote access? It isn't really Plain-Jane RDP as there is a third party security enhancement but the underwriters don't know that. I am just kind of curious as to whether or not RDP is still an active industry-standard?

Explicitly they are using TSPlus. Is there something better and more secure out there now then RDP?
Avatar of sanehpal

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Philip Elder
First step to securing a Remote Desktop Protocol access solution, whether Virtual Desktop Infrastructure for Desktop OS or Session Host, or Desktop OS endpoints on the internal network is to set up a Remote Desktop Gateway.

An RDG uses a standard HTTPS tunnel to secure the connection between the endpoint and the network. It also incorporates a Network Layer Authorization structure that ties into Windows Authentication. That means that too many attempts to log on and the user account is locked out.

An additional layer that can be put on top to further secure the setup is To Factor Authentication (2FA or MFA).

No one should ever port forward _any_ port on the edge/router/firewall to an RDP endpoint inside the network. Ever.

EE Remote Desktop Article Remote Desktop Services (RDS): Setup Guide & Best Practices
I would suspect they found port 3389 open.  This has LONG been a no-no.  Setup an RDGateway or use VPN.  Once the user connects via one of those systems, it should be fine.

Also, STRONGLY consider adding 2FA to the mix.  Duo or another solution.
Avatar of LockDown32


That all but the question wasn't really answered. I am aware of the security risks and everything. To reiterate the question  "Is there something better and more secure out there now then RDP"? Is it still an active industry standard or should I be looking for something else in this day and age?
I disagree.  We answered your question.  It's still widely used.  There are some people who don't know how (or care) to secure it and do their insurance company yells at them.
The question really didn't have much to do with security. It is secure. Running on a different port with a third party security package. No one really stated that it is still an industry standard and widely used.
To answer the question explicitly: No.

Anything connected to some form of cloud service has it's own share of risks. Witness SolarWinds and other such RMM/RMM Component compromises.

The Remote Desktop Protocol when set up correctly to use RD Gateway, Broker, and Web along with secure SSL certificates and Group Policy is the best that there is IMNSHO. Add 2FA/MFA into the mix and the solution set is solid.

Please keep in mind that there is no such thing as "Security" and being "Secure". Virtually everything, _everything_, is dependent on Training the Human. Then, there's the code itself.
Running on a different port
Sorry, but this is NOT secure.  Obscuring the port protects you from the 15 year old thinking it's fun to get into other people's systems.  It does not protect you from anyone with programming skills (basic programming skills) or numerous tools designed to find machines with obscured ports.  This has been true for well over a decade.

To Philip's point: You have to right 100% of the time; malicious hackers need to be right ONCE.

If your Insurance company could detect your open RDP port why can't hackers?
Second to Lee's point: Look up TSGrinder. BTDT