Remote desktop connection!!

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Is remote desktop connection secure? I have a firewall router at home and
at the office.

Thank you for your help in advance!

Candace Sparks

 

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

There is the Windows-XP firewall at either end. The thing I'm not sure about
is how to connect to the computer given that it is not in my local network
and not part of another network having any static IP addresses. Thanks a lot
for the help.

"Candace Sparks" wrote:

> Is remote desktop connection secure? I have a firewall router at home and
> at the office.
>
> Thank you for your help in advance!
>
> Candace Sparks
>
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I have a static private IP address on my computer at the office, I port
forwarded 3389 to that IP address. At home, I have a static private IP
address and I also forwarded port 3389 to that IP address. I do not think I
had to do that at home. I just type in the address of the computer at work,
and I can connect.

Candace Sparks

"JTP" <JTP@discussions.microsoft.com> wrote in message
news:1B77AC45-2B66-44AB-8F9E-E58349CA697F@microsoft.com...
> There is the Windows-XP firewall at either end. The thing I'm not sure
> about
> is how to connect to the computer given that it is not in my local network
> and not part of another network having any static IP addresses. Thanks a
> lot
> for the help.
>
> "Candace Sparks" wrote:
>
>> Is remote desktop connection secure? I have a firewall router at home
>> and
>> at the office.
>>
>> Thank you for your help in advance!
>>
>> Candace Sparks
>>
>>
>>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

This article explains RDP encryption a bit..

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/termserv/termserv/remote_desktop_protocol.asp

Use a *STRONG* password and limit access to your account only...

http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/pree_rem_hzcq.asp

If you want additional security run Remote Desktop through a VPN or SSH tunnel.

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

"Candace Sparks" <rsparks24@comcast.net> wrote in message news:C4Cdnek2o89jg3_cRVn-pA@comcast.com...
> Is remote desktop connection secure? I have a firewall router at home and at the office.
>
> Thank you for your help in advance!
>
> Candace Sparks

 

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Look at this page for help...

http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.html

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

"JTP" <JTP@discussions.microsoft.com> wrote in message
news:1B77AC45-2B66-44AB-8F9E-E58349CA697F@microsoft.com...
> There is the Windows-XP firewall at either end. The thing I'm not sure about
> is how to connect to the computer given that it is not in my local network
> and not part of another network having any static IP addresses. Thanks a lot
> for the help.
>

 

[jw]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

sorry Candace.
when i first recommended you try this group, i really thought you would
get some intelligent answers, not guesses and links to useless web pages
that describe how to install and use it (which was not your question to
begin with).

hoping to answer your original question (how secure is it ?), here is my
best understanding of what little info i have gathered. in cases where
all inbound traffic for port #### is forwarded straight into the PC, the
hardware firewall/router adds no protection whatsoever from attacks
directed to port ####. but users with dynamic IP addresses have no
alternative, when using Remote Desktop Connection. However, since you
have static IPs at both ends, the solution to this problem is as easy as
setting up your firewall to respond to Nobody on port 3389, except the
static IP address of the remote PC.

since every hacker knows Remote Desktop Connection listens to port 3389,
another step you could take to increase your security would be to change
the port RDC listens to, according to instructions in MS Knowledge Base
article Q187623. this only addresses security of inbound communication.

Secunia.com indicates the encryption used by Remote Desktop Connection
is vulnerable, because the encrypted representation of the character is
the same every time you type it. See
http://secunia.com/advisories/7118/ Therefore, you do not want to use
RDC to transfer info about proprietary company data or your personal
identity. Secunia.com also indicates a vulnerability that could crash
the Remote Desktop service on XP Pro, if a maliciously crafted packet is
injected when the login screen is drawn during negotiation. See
http://secunia.com/advisories/7121/

if any communication between PCs involves transmittal of proprietary
company data or personal identity, then you would be safer using a
Virtual Private Network connection on both PCs, because the encryption
is much better. Nothing i could see in Secunia.com indicates a
vulnerability in Remote Desktop Connection that would put your PC files
at risk, or allow an attacker to take control of your PC.

once a client logs into the remote PC (your office or home PC), then
security is only as good as the permissions and rights of the account
used to log in with. therefore, you want to limit the permissions and
rights of the account used to log in with. for example, you might want
to only allow log in with a Limited Account, that prevents changes to
file/folder ownership, prevents installation of programs, prevents
changes to your Windows system folder, etc., only allowing execution of
programs and modification of files within the account's personal profile.





Candace Sparks wrote:
> Is remote desktop connection secure? I have a firewall router at home and
> at the office.
>
> Thank you for your help in advance!
>
> Candace Sparks
>
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

JW <JustPostYourReply@ToThisNewsGroup.pls> wrote:

> Secunia.com indicates the encryption used by Remote Desktop Connection
> is vulnerable, because the encrypted representation of the character
> is the same every time you type it. See
> http://secunia.com/advisories/7118/

That site also says that weakness was fixed by updates in September 2002.
Not a current problem.

--
Robin Walker [MVP Networking]
rdhw@cam.ac.uk

 

[jw]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

you used the word "fixed", but a simple search on the web page reveals
the word "fixed" only occurs in One place --- in the following text :


"If Windows XP Professional Service Pack 1 has been installed, the
issues are less critical, Remote Desktop no longer crashes, and the
keystroke vulnerability is more difficult to abuse, but it is not fixed
as it is a basic design flaw."


Note that the Text in the web page you refer is clearly "not fixed"

Therefore you are wrong about the web page. According to Secunia, the
problem is "not fixed". Maybe what you meant to say is the term Secunia
used in their text --- "less critical" or "more difficult to abuse".


Robin Walker [MVP] wrote:
> JW <JustPostYourReply@ToThisNewsGroup.pls> wrote:
>
>
>>Secunia.com indicates the encryption used by Remote Desktop Connection
>>is vulnerable, because the encrypted representation of the character
>>is the same every time you type it. See
>>http://secunia.com/advisories/7118/
>
>
> That site also says that weakness was fixed by updates in September 2002.
> Not a current problem.
>

 

[Guest]

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I would like to know that the solution I use for connecting to the home
computer is secure. I do not know how to set up a VPN. I have a VPN router
on the home network' running Windows 2000 server on the office end. What we
are trying to do is backup several data folders to the home computer.

Thanks your your help in advance!

Candace Sparks
"JW" <JustPostYourReply@ToThisNewsGroup.pls> wrote in message
news:jLEEd.98137$uM5.93279@bgtnsc05-news.ops.worldnet.att.net...
> you used the word "fixed", but a simple search on the web page reveals
> the word "fixed" only occurs in One place --- in the following text :
>
>
> "If Windows XP Professional Service Pack 1 has been installed, the issues
> are less critical, Remote Desktop no longer crashes, and the keystroke
> vulnerability is more difficult to abuse, but it is not fixed as it is a
> basic design flaw."
>
>
> Note that the Text in the web page you refer is clearly "not fixed"
>
> Therefore you are wrong about the web page. According to Secunia, the
> problem is "not fixed". Maybe what you meant to say is the term Secunia
> used in their text --- "less critical" or "more difficult to abuse".
>
>
> Robin Walker [MVP] wrote:
>> JW <JustPostYourReply@ToThisNewsGroup.pls> wrote:
>>
>>
>>>Secunia.com indicates the encryption used by Remote Desktop Connection
>>>is vulnerable, because the encrypted representation of the character
>>>is the same every time you type it. See
>>>http://secunia.com/advisories/7118/
>>
>>
>> That site also says that weakness was fixed by updates in September 2002.
>> Not a current problem.
>>