IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [rdp]

Remote Desktop Protocol, a protocols for accessing Windows applications remotely

RDP (Remote Desktop Protocol) is a protocol to access graphical sessions remotely, and thus to run GUI applications remotely.

The protocol is defined by Microsoft and primarily used between Windows systems, but both clients and servers exist on other major operating systems. All versions of Windows (since XP) include an RDP client. A server is included in server-grade editions.

RDP can run over TCP or UDP. In both cases the default port is 3389. Since version 6 (supported since Windows Vista), the protocol can optionally run over TLS.

A similar protocol in the Unix world is VNC.

Further reading

126 questions
3
votes
0 answers

Is it possible for a remote machine to "escape" from a folder mapped through RDP?

Although most people seem to share entire drives with RDP, it is possible to share individual folders, by mapping them to a drive for example with subst : (for other ways see raymond.cc ). Obvious commands such as ..\ do…
gbr
  • 260
  • 1
  • 7
3
votes
2 answers

RDP violation without credentials

On a Windows Server 2003 machine seems like someone has logged in through RDP without using credentials: there is a logged access, but there are nor userid nor password. I am wondering how is this possible, and I can't figure out a valid scenario,…
Flash
  • 33
  • 6
3
votes
2 answers

Is open RDP really dangerous?

I have just started work for a small (100-150 employees) company. I noticed that anybody can remote in to the remote server using the correct domain, which is quite easy to guess based on the company name and the name of the server. Seen as RDP is…
Adam T
  • 141
  • 1
  • 4
3
votes
2 answers

RDP - Same login sufficient?

I just authorized remote access to my Windows 7 machine (not using NLA, since I run a mainly Linux network). I diabled Remote Assistance. My user (JoeBlow) is protected with password 123456 and autologon is not enabled. When I connect from a Linux…
DomLen
  • 31
  • 1
3
votes
3 answers

Dedicated Server in Cloud Environment - SSL Remote Login vs Dedicated VPN

Thanks for taking your time to look into this question. Background I have my website hosted in a dedicated server in the cloud. The server is a Windows 2008 R2 machine. To publish I FTP files to the server. For general maintenance, I remotely…
Intrigue
  • 131
  • 2
2
votes
1 answer

Why would a corporation NOT want to allow users on a corporate network to RDP to their specific desktops?

I have a multitude of users that are requesting the ability to RDP from other workstations, on the same network, to their specific desktop computers. I would like to know what the risks of this are and reasons why this should not be granted.
Brent Halling
  • 21
  • 2
2
votes
1 answer

Is Windows 7's Remote Assistance feature secure?

Are there known attacks that can intercept an ongoing Remote Assistance session, for example to take screenshots or even worse, impersonate the other computer and send arbitrary keystrokes, or to connect to an inactive session before the real person…
user42178
2
votes
0 answers

What if anything is the security differences between team viewer 7 and team viewer 9?

Is anyone aware of any major overhauls or security fixes to Team Viewer 9 (since v7) or does the popular accuvant blog (http://blog.accuvant.com/bthomasaccuvant/teamviewer-authentication-protocol-part-1-of-3/) still hold true? (This blog was…
Kevin D.
  • 21
  • 2
2
votes
1 answer

Setting up NAT with firewall for RDP connection

I have a vendor who needs to connect remotely to one of our servers. What I thought I would do is setup a NAT rule in our firewall. I have a public IP address that I will have translated to the local server address so that then the vendor just needs…
donL
2
votes
1 answer

how much of a security threat would this be?

If I set up a Domain Controller server to be accessible from the internet via Remote Desktop Connection (through port forwarding in the router), how much of a threat would that be? and if I have a strong administrator password? and if there are…
user29239
2
votes
1 answer

Security of RDPs and infected host system

I currently use a lot of Remote Desktop Connections and even mRemoteNG and I am curious, do key loggers and other security threats have the ability to see what I type and do on the RDPs? Can they piggy back on the connections? I am pretty sure that…
Travis Thompson
  • 539
  • 1
  • 5
  • 9
2
votes
1 answer

Risks of Microsoft Remote Desktop access behind a secure VPN

This is mostly for my own education, but a scenario has came up at work that has me skeptical. I'd like for the security experts to tell me if this policy is overbearing or not. I remote into a VPN from my home PC, non-company issued. It installs…
jlrolin
  • 123
  • 1
  • 5
2
votes
1 answer

RDP vs. VNC when looking them from security side

Regarding: https://unix.stackexchange.com/questions/12924/ssh-tunnel-with-vnc Which one would be better, if we look it @security side? I heard that RDP is very very poor when it comes to security.
LanceBaynes
  • 6,149
  • 11
  • 60
  • 91
2
votes
2 answers

is RDP7.0 authentication process secure enough?

Latest version RDP used NLA, CredSSP and TLS to secure the authentication process. It sound like secure but in reality does it really secure enough. I knew that the previous version RDP is vulnerability to man-in-middle attacks, does this attack…
user236501
  • 311
  • 3
  • 12
2
votes
3 answers

Can a website detect remote operation of a computer?

I was wondering if a website I am visiting can detect whether or not the computer that is being used is being operated remotely. For example... I have two desktops. I use Desktop 1 to remotely operate Desktop 2 through windows' Remote Desktop…
Outcahst
  • 23
  • 1
  • 4
1 2
3
8 9