$64,000 Question -- How secure is Remote Desktop?

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Ok, here's the $64,000 Question -- How secure is Remote Desktop? I have
opened a "hole" in my SOHO firewall and forwarded port 3389 to my WinXP Pro
machine. I'm surprised by how well it works. However, I'm a little worried
that I've just opened a myself up to all manner of nefarious attacks. Are
there any other security precautions I should take, or will Remote Desktop
be secure enough all by itself? What are the rest of you doing?

Larry
6 answers Last reply
More about question secure remote desktop
  1. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    From a recent NG post by Patrick Rouse:

    ----
    Opening port 3389 is as secure as (if not more than) HTTPS or
    non-certificate based VPN, as all traffic is encrypted within the RDP
    Packets. If you require a higher level of security, i.e. to limit which
    computer can connect to your terminal servers, you can look into IPSec/L2TP
    VPN or simpler (to implement) 3rd party solutions like his SecureRDP or one
    called WiSSH.

    http://www.workthin.com/tsao.htm

    Larry Schwartz wrote:
    > Ok, here's the $64,000 Question -- How secure is Remote Desktop? I
    > have opened a "hole" in my SOHO firewall and forwarded port 3389 to
    > my WinXP Pro machine. I'm surprised by how well it works. However,
    > I'm a little worried that I've just opened a myself up to all manner
    > of nefarious attacks. Are there any other security precautions I
    > should take, or will Remote Desktop be secure enough all by itself?
    > What are the rest of you doing?
    >
    > Larry
  2. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    I have heard that it is better if you change the listening port to some
    unknown number then access via IPAddress:NewPortnumber. This requires a
    registry hack -
    http://support.microsoft.com/default.aspx?scid=kb;en-us;187623


    "Lanwench [MVP - Exchange]"
    <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in message
    news:eHnnD0nQEHA.1348@TK2MSFTNGP12.phx.gbl...
    > From a recent NG post by Patrick Rouse:
    >
    > ----
    > Opening port 3389 is as secure as (if not more than) HTTPS or
    > non-certificate based VPN, as all traffic is encrypted within the RDP
    > Packets. If you require a higher level of security, i.e. to limit which
    > computer can connect to your terminal servers, you can look into
    IPSec/L2TP
    > VPN or simpler (to implement) 3rd party solutions like his SecureRDP or
    one
    > called WiSSH.
    >
    > http://www.workthin.com/tsao.htm
    >
    > Larry Schwartz wrote:
    > > Ok, here's the $64,000 Question -- How secure is Remote Desktop? I
    > > have opened a "hole" in my SOHO firewall and forwarded port 3389 to
    > > my WinXP Pro machine. I'm surprised by how well it works. However,
    > > I'm a little worried that I've just opened a myself up to all manner
    > > of nefarious attacks. Are there any other security precautions I
    > > should take, or will Remote Desktop be secure enough all by itself?
    > > What are the rest of you doing?
    > >
    > > Larry
    >
    >
  3. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Thanks for the info, but my biggest worry is that the open port could be
    used as a vehicle for attacks on my machine . . . I'm just trying to figure
    out if there's something I should be doing about it.

    Larry


    > From a recent NG post by Patrick Rouse:
    >
    > ----
    > Opening port 3389 is as secure as (if not more than) HTTPS or
    > non-certificate based VPN, as all traffic is encrypted within the RDP
    > Packets. If you require a higher level of security, i.e. to limit which
    > computer can connect to your terminal servers, you can look into
    IPSec/L2TP
    > VPN or simpler (to implement) 3rd party solutions like his SecureRDP or
    one
    > called WiSSH.
    >
    > http://www.workthin.com/tsao.htm
    >
    > Larry Schwartz wrote:
    > > Ok, here's the $64,000 Question -- How secure is Remote Desktop? I
    > > have opened a "hole" in my SOHO firewall and forwarded port 3389 to
    > > my WinXP Pro machine. I'm surprised by how well it works. However,
    > > I'm a little worried that I've just opened a myself up to all manner
    > > of nefarious attacks. Are there any other security precautions I
    > > should take, or will Remote Desktop be secure enough all by itself?
    > > What are the rest of you doing?
    > >
    > > Larry
    >
    >
  4. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    RDP is inherently secure, as the info being transimtted is encrypted and mostly bits of images. The only info being transitted are the changes of the screen, print jobs & file copy. All of these happens over port 3389 for RDP, regardless of the info being sent. If you do expose your machine to the Internet via Port 3389, or any other port for Remote Desktop, make sure you use a complex password, i.e. 8-15 characters, upper & lower case, numbers, special characters and hidden characters if you're really paranoid. Also good to not allow the administrator account to logon via Remote Desktop.

    1. I have never heard of a packet sniffer that can reassemble RDP packets into meaningful data.
    2. Changing the default port from 3389 to something else would only be obscuring the target enough to stop the most unskilled hacker, who wouldn't have the know-how to to break into your system without an automated tool (i.e. script-kiddie tools). Anyone smart enough to break-in is more than capable of finding your port, so changing ports in my opinion is equivalent to closing a door, as opposed to leaving it open. Neither is secure, but one sticks out.

    Patrick Rouse
    Microsoft MVP - Terminal Server
    http://www.workthin.com

    ----- Larry Schwartz wrote: -----

    Thanks for the info, but my biggest worry is that the open port could be
    used as a vehicle for attacks on my machine . . . I'm just trying to figure
    out if there's something I should be doing about it.

    Larry


    > From a recent NG post by Patrick Rouse:
    >> ----
    > Opening port 3389 is as secure as (if not more than) HTTPS or
    > non-certificate based VPN, as all traffic is encrypted within the RDP
    > Packets. If you require a higher level of security, i.e. to limit which
    > computer can connect to your terminal servers, you can look into
    IPSec/L2TP
    > VPN or simpler (to implement) 3rd party solutions like his SecureRDP or
    one
    > called WiSSH.
    >> http://www.workthin.com/tsao.htm
    >> Larry Schwartz wrote:
    >> Ok, here's the $64,000 Question -- How secure is Remote Desktop? I
    >> have opened a "hole" in my SOHO firewall and forwarded port 3389 to
    >> my WinXP Pro machine. I'm surprised by how well it works. However,
    >> I'm a little worried that I've just opened a myself up to all manner
    >> of nefarious attacks. Are there any other security precautions I
    >> should take, or will Remote Desktop be secure enough all by itself?
    >> What are the rest of you doing?
    >>>> Larry
    >>
  5. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    That just makes it a bit more difficult for port scanners, though...

    Jeffrey Randow (Windows Networking & Smart Display MVP)
    jeffreyr-support@remotenetworktechnology.com

    Please post all responses to the newsgroups for the benefit
    of all USENET users. Messages sent via email may or may not
    be answered depending on time availability....

    Remote Networking Technology Support Site -
    http://www.remotenetworktechnology.com
    Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

    On Tue, 25 May 2004 16:13:12 -0500, "Niel Bullock"
    <niel_bullock@hotmail.com> wrote:

    >I have heard that it is better if you change the listening port to some
    >unknown number then access via IPAddress:NewPortnumber. This requires a
    >registry hack -
    >http://support.microsoft.com/default.aspx?scid=kb;en-us;187623
    >
    >
    >
    >"Lanwench [MVP - Exchange]"
    ><lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in message
    >news:eHnnD0nQEHA.1348@TK2MSFTNGP12.phx.gbl...
    >> From a recent NG post by Patrick Rouse:
    >>
    >> ----
    >> Opening port 3389 is as secure as (if not more than) HTTPS or
    >> non-certificate based VPN, as all traffic is encrypted within the RDP
    >> Packets. If you require a higher level of security, i.e. to limit which
    >> computer can connect to your terminal servers, you can look into
    >IPSec/L2TP
    >> VPN or simpler (to implement) 3rd party solutions like his SecureRDP or
    >one
    >> called WiSSH.
    >>
    >> http://www.workthin.com/tsao.htm
    >>
    >> Larry Schwartz wrote:
    >> > Ok, here's the $64,000 Question -- How secure is Remote Desktop? I
    >> > have opened a "hole" in my SOHO firewall and forwarded port 3389 to
    >> > my WinXP Pro machine. I'm surprised by how well it works. However,
    >> > I'm a little worried that I've just opened a myself up to all manner
    >> > of nefarious attacks. Are there any other security precautions I
    >> > should take, or will Remote Desktop be secure enough all by itself?
    >> > What are the rest of you doing?
    >> >
    >> > Larry
    >>
    >>
    >
  6. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Like Patrick said - PASSWORD SECURITY.. You could protect the service
    all you want but if you use a weak password, all of that work would be
    for naught...

    Other options are VPN's - it would provide an additional layer of
    complexity to hack through - although that layer of complexity makes
    setup a bit more difficult.

    Enable system hardening via Group Policy. Set the lockout parameters
    (but remember to set the reset time for this)...

    Jeffrey Randow (Windows Networking & Smart Display MVP)
    jeffreyr-support@remotenetworktechnology.com

    Please post all responses to the newsgroups for the benefit
    of all USENET users. Messages sent via email may or may not
    be answered depending on time availability....

    Remote Networking Technology Support Site -
    http://www.remotenetworktechnology.com
    Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

    On Tue, 25 May 2004 11:50:34 -0500, "Larry Schwartz"
    <LESchwartz-NoSpam@VictorInc.com> wrote:

    >Ok, here's the $64,000 Question -- How secure is Remote Desktop? I have
    >opened a "hole" in my SOHO firewall and forwarded port 3389 to my WinXP Pro
    >machine. I'm surprised by how well it works. However, I'm a little worried
    >that I've just opened a myself up to all manner of nefarious attacks. Are
    >there any other security precautions I should take, or will Remote Desktop
    >be secure enough all by itself? What are the rest of you doing?
    >
    >Larry
    >
Ask a new question

Read More

Remote Desktop Microsoft Windows XP