Is Remote Desktop Connection Login secure over wireless?

Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

Greetings experts!

When I am using free public wireless hotspots such as coffee-houses, etc.,
the security warning indicates that the connection is not secure, and I
understand that (essentially :)

My question is: If I use an un-secured wireless network connection, then
attempt to use Windows Remote Desktop Connection to connect to my PC at
home, is the username and password I type into the Remote Desktop Connection
settings encrypted or otherwise protected? Or am I at risk of hackers
intercepting the login credentials I pass to RDC?

Thanks!
10 answers Last reply
More about remote desktop connection login secure wireless
  1. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    The secure tunnel is created before you enter your credentials and even then
    your password is never sent over the network. However I would never enter my
    credentials on a public kiosk computer or other computer that I do not know
    is secure/clean. From your description it sounds as if you are using your
    own laptop. --- Steve


    "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    > Greetings experts!
    >
    > When I am using free public wireless hotspots such as coffee-houses, etc.,
    > the security warning indicates that the connection is not secure, and I
    > understand that (essentially :)
    >
    > My question is: If I use an un-secured wireless network connection, then
    > attempt to use Windows Remote Desktop Connection to connect to my PC at
    > home, is the username and password I type into the Remote Desktop
    > Connection settings encrypted or otherwise protected? Or am I at risk of
    > hackers intercepting the login credentials I pass to RDC?
    >
    > Thanks!
  2. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    Thanks Steve,

    Just to clarify my understanding: the "secure tunnel" you refer to - that's
    something that RDC creates automatically on my behalf? In other words, there
    are no special configurations or special connection settings I need to
    create on my laptop or the target PC? I only ask since I had seen some
    references in other postings to private VPN etc., and I don't have any of
    that set up. I am just using the default installations of XP on both laptop
    and PC.

    If there are any special configuration steps I need in order to establish
    the "secure tunnel", could you elaborate on those?

    Many thanks!
    Mark

    "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
    > The secure tunnel is created before you enter your credentials and even
    > then your password is never sent over the network. However I would never
    > enter my credentials on a public kiosk computer or other computer that I
    > do not know is secure/clean. From your description it sounds as if you are
    > using your own laptop. --- Steve
    >
    >
    > "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    > news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    >> Greetings experts!
    >>
    >> When I am using free public wireless hotspots such as coffee-houses,
    >> etc., the security warning indicates that the connection is not secure,
    >> and I understand that (essentially :)
    >>
    >> My question is: If I use an un-secured wireless network connection, then
    >> attempt to use Windows Remote Desktop Connection to connect to my PC at
    >> home, is the username and password I type into the Remote Desktop
    >> Connection settings encrypted or otherwise protected? Or am I at risk of
    >> hackers intercepting the login credentials I pass to RDC?
    >>
    >> Thanks!
    >
    >
  3. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    Remote Desktop establishes the tunnel before you logon. You do not have to
    do anything special. Just make sure you use real strong passwords on your
    computer as others most likely attempt to logon also when they see port 3389
    TCP open on your computer. I would also enable auditing of logon events in
    Local Security Policy so that you can keep track of such. If you find an
    abuser you could try to configure your firewall or ipsec filter to block
    access from that persons public IP address. --- Steve


    "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
    > Thanks Steve,
    >
    > Just to clarify my understanding: the "secure tunnel" you refer to -
    > that's something that RDC creates automatically on my behalf? In other
    > words, there are no special configurations or special connection settings
    > I need to create on my laptop or the target PC? I only ask since I had
    > seen some references in other postings to private VPN etc., and I don't
    > have any of that set up. I am just using the default installations of XP
    > on both laptop and PC.
    >
    > If there are any special configuration steps I need in order to establish
    > the "secure tunnel", could you elaborate on those?
    >
    > Many thanks!
    > Mark
    >
    > "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    > news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
    >> The secure tunnel is created before you enter your credentials and even
    >> then your password is never sent over the network. However I would never
    >> enter my credentials on a public kiosk computer or other computer that I
    >> do not know is secure/clean. From your description it sounds as if you
    >> are using your own laptop. --- Steve
    >>
    >>
    >> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    >>> Greetings experts!
    >>>
    >>> When I am using free public wireless hotspots such as coffee-houses,
    >>> etc., the security warning indicates that the connection is not secure,
    >>> and I understand that (essentially :)
    >>>
    >>> My question is: If I use an un-secured wireless network connection, then
    >>> attempt to use Windows Remote Desktop Connection to connect to my PC at
    >>> home, is the username and password I type into the Remote Desktop
    >>> Connection settings encrypted or otherwise protected? Or am I at risk of
    >>> hackers intercepting the login credentials I pass to RDC?
    >>>
    >>> Thanks!
    >>
    >>
    >
  4. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    Hi,

    If I may add, just double check on Terminal server that the Encryption Level
    is set to at least High.

    For added security you could also add TLS to prevent e.g.
    "man-in-the-middle" attacks...

    How to configure a Windows Server 2003 terminal server to use TLS for server
    authentication
    http://support.microsoft.com/?id=895433

    --
    Mike
    Microsoft MVP - Windows Security

    "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    news:%23b%23v05yiFHA.3656@TK2MSFTNGP09.phx.gbl...
    > Remote Desktop establishes the tunnel before you logon. You do not have
    > to do anything special. Just make sure you use real strong passwords on
    > your computer as others most likely attempt to logon also when they see
    > port 3389 TCP open on your computer. I would also enable auditing of
    > logon events in Local Security Policy so that you can keep track of such.
    > If you find an abuser you could try to configure your firewall or ipsec
    > filter to block access from that persons public IP address. --- Steve
    >
    >
    > "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    > news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
    >> Thanks Steve,
    >>
    >> Just to clarify my understanding: the "secure tunnel" you refer to -
    >> that's something that RDC creates automatically on my behalf? In other
    >> words, there are no special configurations or special connection settings
    >> I need to create on my laptop or the target PC? I only ask since I had
    >> seen some references in other postings to private VPN etc., and I don't
    >> have any of that set up. I am just using the default installations of XP
    >> on both laptop and PC.
    >>
    >> If there are any special configuration steps I need in order to establish
    >> the "secure tunnel", could you elaborate on those?
    >>
    >> Many thanks!
    >> Mark
    >>
    >> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >> news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
    >>> The secure tunnel is created before you enter your credentials and even
    >>> then your password is never sent over the network. However I would never
    >>> enter my credentials on a public kiosk computer or other computer that
    >>> I do not know is secure/clean. From your description it sounds as if you
    >>> are using your own laptop. --- Steve
    >>>
    >>>
    >>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >>> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    >>>> Greetings experts!
    >>>>
    >>>> When I am using free public wireless hotspots such as coffee-houses,
    >>>> etc., the security warning indicates that the connection is not secure,
    >>>> and I understand that (essentially :)
    >>>>
    >>>> My question is: If I use an un-secured wireless network connection,
    >>>> then attempt to use Windows Remote Desktop Connection to connect to my
    >>>> PC at home, is the username and password I type into the Remote Desktop
    >>>> Connection settings encrypted or otherwise protected? Or am I at risk
    >>>> of hackers intercepting the login credentials I pass to RDC?
    >>>>
    >>>> Thanks!
    >>>
    >>>
    >>
    >
    >
  5. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    Thanks for that info Mike. In this case I believe the user is probably using
    XP Pro [home pc mentioned]. If that is the case he still could use local
    Group Policy to make sure default high encryption is enforced by going to
    computer configuration/administrative templates/Windows components/terminal
    services/encryption and security. --- Steve


    "Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
    news:uby9wV3iFHA.3692@TK2MSFTNGP09.phx.gbl...
    > Hi,
    >
    > If I may add, just double check on Terminal server that the Encryption
    > Level is set to at least High.
    >
    > For added security you could also add TLS to prevent e.g.
    > "man-in-the-middle" attacks...
    >
    > How to configure a Windows Server 2003 terminal server to use TLS for
    > server authentication
    > http://support.microsoft.com/?id=895433
    >
    > --
    > Mike
    > Microsoft MVP - Windows Security
    >
    > "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    > news:%23b%23v05yiFHA.3656@TK2MSFTNGP09.phx.gbl...
    >> Remote Desktop establishes the tunnel before you logon. You do not have
    >> to do anything special. Just make sure you use real strong passwords on
    >> your computer as others most likely attempt to logon also when they see
    >> port 3389 TCP open on your computer. I would also enable auditing of
    >> logon events in Local Security Policy so that you can keep track of such.
    >> If you find an abuser you could try to configure your firewall or ipsec
    >> filter to block access from that persons public IP address. --- Steve
    >>
    >>
    >> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >> news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
    >>> Thanks Steve,
    >>>
    >>> Just to clarify my understanding: the "secure tunnel" you refer to -
    >>> that's something that RDC creates automatically on my behalf? In other
    >>> words, there are no special configurations or special connection
    >>> settings I need to create on my laptop or the target PC? I only ask
    >>> since I had seen some references in other postings to private VPN etc.,
    >>> and I don't have any of that set up. I am just using the default
    >>> installations of XP on both laptop and PC.
    >>>
    >>> If there are any special configuration steps I need in order to
    >>> establish the "secure tunnel", could you elaborate on those?
    >>>
    >>> Many thanks!
    >>> Mark
    >>>
    >>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >>> news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
    >>>> The secure tunnel is created before you enter your credentials and even
    >>>> then your password is never sent over the network. However I would
    >>>> never enter my credentials on a public kiosk computer or other
    >>>> computer that I do not know is secure/clean. From your description it
    >>>> sounds as if you are using your own laptop. --- Steve
    >>>>
    >>>>
    >>>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >>>> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    >>>>> Greetings experts!
    >>>>>
    >>>>> When I am using free public wireless hotspots such as coffee-houses,
    >>>>> etc., the security warning indicates that the connection is not
    >>>>> secure, and I understand that (essentially :)
    >>>>>
    >>>>> My question is: If I use an un-secured wireless network connection,
    >>>>> then attempt to use Windows Remote Desktop Connection to connect to my
    >>>>> PC at home, is the username and password I type into the Remote
    >>>>> Desktop Connection settings encrypted or otherwise protected? Or am I
    >>>>> at risk of hackers intercepting the login credentials I pass to RDC?
    >>>>>
    >>>>> Thanks!
    >>>>
    >>>>
    >>>
    >>
    >>
    >
    >
  6. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    Correct, thanks Steve for the added info.

    For anyone else reading, I also changed the default port that RDC listens on
    so that hackers trying 3389 would fail.

    Thanks!
    Mark

    "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    news:eWZCPk3iFHA.1232@TK2MSFTNGP15.phx.gbl...
    > Thanks for that info Mike. In this case I believe the user is probably
    > using XP Pro [home pc mentioned]. If that is the case he still could use
    > local Group Policy to make sure default high encryption is enforced by
    > going to computer configuration/administrative templates/Windows
    > components/terminal services/encryption and security. --- Steve
    >
    >
    > "Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
    > news:uby9wV3iFHA.3692@TK2MSFTNGP09.phx.gbl...
    >> Hi,
    >>
    >> If I may add, just double check on Terminal server that the Encryption
    >> Level is set to at least High.
    >>
    >> For added security you could also add TLS to prevent e.g.
    >> "man-in-the-middle" attacks...
    >>
    >> How to configure a Windows Server 2003 terminal server to use TLS for
    >> server authentication
    >> http://support.microsoft.com/?id=895433
    >>
    >> --
    >> Mike
    >> Microsoft MVP - Windows Security
    >>
    >> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >> news:%23b%23v05yiFHA.3656@TK2MSFTNGP09.phx.gbl...
    >>> Remote Desktop establishes the tunnel before you logon. You do not have
    >>> to do anything special. Just make sure you use real strong passwords on
    >>> your computer as others most likely attempt to logon also when they see
    >>> port 3389 TCP open on your computer. I would also enable auditing of
    >>> logon events in Local Security Policy so that you can keep track of
    >>> such. If you find an abuser you could try to configure your firewall or
    >>> ipsec filter to block access from that persons public IP address. ---
    >>> Steve
    >>>
    >>>
    >>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >>> news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
    >>>> Thanks Steve,
    >>>>
    >>>> Just to clarify my understanding: the "secure tunnel" you refer to -
    >>>> that's something that RDC creates automatically on my behalf? In other
    >>>> words, there are no special configurations or special connection
    >>>> settings I need to create on my laptop or the target PC? I only ask
    >>>> since I had seen some references in other postings to private VPN etc.,
    >>>> and I don't have any of that set up. I am just using the default
    >>>> installations of XP on both laptop and PC.
    >>>>
    >>>> If there are any special configuration steps I need in order to
    >>>> establish the "secure tunnel", could you elaborate on those?
    >>>>
    >>>> Many thanks!
    >>>> Mark
    >>>>
    >>>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >>>> news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
    >>>>> The secure tunnel is created before you enter your credentials and
    >>>>> even then your password is never sent over the network. However I
    >>>>> would never enter my credentials on a public kiosk computer or other
    >>>>> computer that I do not know is secure/clean. From your description it
    >>>>> sounds as if you are using your own laptop. --- Steve
    >>>>>
    >>>>>
    >>>>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >>>>> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    >>>>>> Greetings experts!
    >>>>>>
    >>>>>> When I am using free public wireless hotspots such as coffee-houses,
    >>>>>> etc., the security warning indicates that the connection is not
    >>>>>> secure, and I understand that (essentially :)
    >>>>>>
    >>>>>> My question is: If I use an un-secured wireless network connection,
    >>>>>> then attempt to use Windows Remote Desktop Connection to connect to
    >>>>>> my PC at home, is the username and password I type into the Remote
    >>>>>> Desktop Connection settings encrypted or otherwise protected? Or am I
    >>>>>> at risk of hackers intercepting the login credentials I pass to RDC?
    >>>>>>
    >>>>>> Thanks!
    >>>>>
    >>>>>
    >>>>
    >>>
    >>>
    >>
    >>
    >
    >
  7. Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (More info?)

    Microsoft just released an advisory that Terminal Services (RDP) are
    vulnerable to a Denial of Service attack.
    http://www.microsoft.com/technet/security/advisory/904797.mspx


    This doesn't have anything to do with wireless, over which you are just as
    secure as any other medium. However, you'll want to know about this.
    Chris


    "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    news:esNQpM$iFHA.3436@tk2msftngp13.phx.gbl...
    > Correct, thanks Steve for the added info.
    >
    > For anyone else reading, I also changed the default port that RDC listens
    > on so that hackers trying 3389 would fail.
    >
    > Thanks!
    > Mark
    >
    > "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    > news:eWZCPk3iFHA.1232@TK2MSFTNGP15.phx.gbl...
    >> Thanks for that info Mike. In this case I believe the user is probably
    >> using XP Pro [home pc mentioned]. If that is the case he still could use
    >> local Group Policy to make sure default high encryption is enforced by
    >> going to computer configuration/administrative templates/Windows
    >> components/terminal services/encryption and security. --- Steve
    >>
    >>
    >> "Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
    >> news:uby9wV3iFHA.3692@TK2MSFTNGP09.phx.gbl...
    >>> Hi,
    >>>
    >>> If I may add, just double check on Terminal server that the Encryption
    >>> Level is set to at least High.
    >>>
    >>> For added security you could also add TLS to prevent e.g.
    >>> "man-in-the-middle" attacks...
    >>>
    >>> How to configure a Windows Server 2003 terminal server to use TLS for
    >>> server authentication
    >>> http://support.microsoft.com/?id=895433
    >>>
    >>> --
    >>> Mike
    >>> Microsoft MVP - Windows Security
    >>>
    >>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >>> news:%23b%23v05yiFHA.3656@TK2MSFTNGP09.phx.gbl...
    >>>> Remote Desktop establishes the tunnel before you logon. You do not
    >>>> have to do anything special. Just make sure you use real strong
    >>>> passwords on your computer as others most likely attempt to logon also
    >>>> when they see port 3389 TCP open on your computer. I would also enable
    >>>> auditing of logon events in Local Security Policy so that you can keep
    >>>> track of such. If you find an abuser you could try to configure your
    >>>> firewall or ipsec filter to block access from that persons public IP
    >>>> address. --- Steve
    >>>>
    >>>>
    >>>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >>>> news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
    >>>>> Thanks Steve,
    >>>>>
    >>>>> Just to clarify my understanding: the "secure tunnel" you refer to -
    >>>>> that's something that RDC creates automatically on my behalf? In other
    >>>>> words, there are no special configurations or special connection
    >>>>> settings I need to create on my laptop or the target PC? I only ask
    >>>>> since I had seen some references in other postings to private VPN
    >>>>> etc., and I don't have any of that set up. I am just using the default
    >>>>> installations of XP on both laptop and PC.
    >>>>>
    >>>>> If there are any special configuration steps I need in order to
    >>>>> establish the "secure tunnel", could you elaborate on those?
    >>>>>
    >>>>> Many thanks!
    >>>>> Mark
    >>>>>
    >>>>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
    >>>>> news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
    >>>>>> The secure tunnel is created before you enter your credentials and
    >>>>>> even then your password is never sent over the network. However I
    >>>>>> would never enter my credentials on a public kiosk computer or other
    >>>>>> computer that I do not know is secure/clean. From your description it
    >>>>>> sounds as if you are using your own laptop. --- Steve
    >>>>>>
    >>>>>>
    >>>>>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
    >>>>>> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
    >>>>>>> Greetings experts!
    >>>>>>>
    >>>>>>> When I am using free public wireless hotspots such as coffee-houses,
    >>>>>>> etc., the security warning indicates that the connection is not
    >>>>>>> secure, and I understand that (essentially :)
    >>>>>>>
    >>>>>>> My question is: If I use an un-secured wireless network connection,
    >>>>>>> then attempt to use Windows Remote Desktop Connection to connect to
    >>>>>>> my PC at home, is the username and password I type into the Remote
    >>>>>>> Desktop Connection settings encrypted or otherwise protected? Or am
    >>>>>>> I at risk of hackers intercepting the login credentials I pass to
    >>>>>>> RDC?
    >>>>>>>
    >>>>>>> Thanks!
    >>>>>>
    >>>>>>
    >>>>>
    >>>>
    >>>>
    >>>
    >>>
    >>
    >>
    >
  8. Hi!

    I found this thread searching the net for info on RDP encryption, you seem to have a lot of knowledge about this so I'll just fire away som questions and hope you'll have some answers.

    1. I've heard that the RD encryption isn't activated until after you've logged in to the remote computer (thus sending login info uncrypted), this sounds quite strange (stupid even) and I wonder if there's any truth to it?

    2. I'm on WinXP (both remote and local) and changed the "Set client connection encryption level" in the Group Policy editor to Enabled, is this something that only has to be done on the server? I also heard that default encryption is always activated in RD, but my (old (original)) group policy begged to differ...?

    3. Even though I changed the group policy (and heard that this shouldn't have to be done since it's active by default) the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\fDisableEncryption is set to 1, what does this mean?

    4. (The bonus question)
    After reading this thread about connecting over unsecure wireless networks I just wonder: when RD connects to the server and activate the encryption I guess som key negotiation is done between the two sides. Wouldn't it be possibe to sniff this negotiation and get the needed info to decrypt all other data?

    Ok, that's it. Grateful for any answer!

    Best Regards
    Kristoffer
  9. the RDP encryption methods are for the duration of the RDP session, not for authentication

    authentication is a different story, they have different algorithims and it's not an unecrypted / clear text password, it will use either kerberos or ntlm just like when you login to a workstation, it's encrypted

    you could tighten up your wifi if you're worried about sniffers when you're entering credentials, but the default encryptions are pretty good and not easy to sniff

    not to mention you can have certificates for authentication as well in terminal services
  10. Quote:
    Greetings experts!

    When I am using free public wireless hotspots such as coffee-houses, etc.,
    the security warning indicates that the connection is not secure, and I
    understand that (essentially :)

    My question is: If I use an un-secured wireless network connection, then
    attempt to use Windows Remote Desktop Connection to connect to my PC at
    home, is the username and password I type into the Remote Desktop Connection
    settings encrypted or otherwise protected? Or am I at risk of hackers
    intercepting the login credentials I pass to RDC?

    Thanks!



    Yes, your asking for trouble. RDP is vulnerable to Man In The Middle attacks.
    http://www.securiteam.com/windowsntfocus/5EP010KG0G.html

    Quote:
    Steve said...
    "The secure tunnel is created before you enter your credentials and even then
    your password is never sent over the network."


    How is the client authenticated if credentials are not passed over the network?
    Once again check this...
    http://www.securiteam.com/windowsntfocus/5EP010KG0G.html

    Quote:
    If you find an
    abuser you could try to configure your firewall or ipsec filter to block
    access from that persons public IP address. --- Steve


    A slightly better way would be to block all IP addresses except the ones you explicitly want to allow.
    In saying this, IP addresses can be spoofed.

    Quote:
    Mark stated... "For anyone else reading, I also changed the default port that RDC listens on
    so that hackers trying 3389 would fail."


    Hackers only searching for a specific port are not really hackers.
    A packet sniffer will disclose an RDP session by the T.125 protocol.
    Once an attacker has got access to your wired network or an unsecured wireless network,
    All they need to do is run a packet sniffer, find out the IP addresses being used in the RDP session and launch a MITM attack.

    The attack described above has been successfully implemented into the software Cain & Abel available at
    http://www.oxid.it. From version 2.7 the program can now perform man-in-the-middle attacks against RDP
    protocol sessions decrypting all the information that travels from client to server in both directions. The
    program try also to recognize the keyboard activity at the client-side providing some kind of password
    interception.
Ask a new question

Read More

Remote Desktop Connection Microsoft Windows