Archived from groups: microsoft.public.windowsxp.work_remotely (
More info?)
RDP is inherently secure, as the info being transimtted is encrypted and mostly bits of images. The only info being transitted are the changes of the screen, print jobs & file copy. All of these happens over port 3389 for RDP, regardless of the info being sent. If you do expose your machine to the Internet via Port 3389, or any other port for Remote Desktop, make sure you use a complex password, i.e. 8-15 characters, upper & lower case, numbers, special characters and hidden characters if you're really paranoid. Also good to not allow the administrator account to logon via Remote Desktop.
1. I have never heard of a packet sniffer that can reassemble RDP packets into meaningful data.
2. Changing the default port from 3389 to something else would only be obscuring the target enough to stop the most unskilled hacker, who wouldn't have the know-how to to break into your system without an automated tool (i.e. script-kiddie tools). Anyone smart enough to break-in is more than capable of finding your port, so changing ports in my opinion is equivalent to closing a door, as opposed to leaving it open. Neither is secure, but one sticks out.
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com
----- Larry Schwartz wrote: -----
Thanks for the info, but my biggest worry is that the open port could be
used as a vehicle for attacks on my machine . . . I'm just trying to figure
out if there's something I should be doing about it.
Larry
> From a recent NG post by Patrick Rouse:
>> ----
> Opening port 3389 is as secure as (if not more than) HTTPS or
> non-certificate based VPN, as all traffic is encrypted within the RDP
> Packets. If you require a higher level of security, i.e. to limit which
> computer can connect to your terminal servers, you can look into
IPSec/L2TP
> VPN or simpler (to implement) 3rd party solutions like his SecureRDP or
one
> called WiSSH.
>>
http://www.workthin.com/tsao.htm
>> Larry Schwartz wrote:
>> Ok, here's the $64,000 Question -- How secure is Remote Desktop? I
>> have opened a "hole" in my SOHO firewall and forwarded port 3389 to
>> my WinXP Pro machine. I'm surprised by how well it works. However,
>> I'm a little worried that I've just opened a myself up to all manner
>> of nefarious attacks. Are there any other security precautions I
>> should take, or will Remote Desktop be secure enough all by itself?
>> What are the rest of you doing?
>>>> Larry
>>