Remote Desktop Connection - Secure???

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have hear it both ways that RDC to a server or WS is encypted and not.
So which is it?
If it's not how can I make it secure.
Mostly concerned about Win 2003 & 2000 servers & XP.
Thanks
 
Hi,

By default, Windows XP Remote Desktop and Windows Server 2003 Remote Desktop
and Terminal Services use high (128-bit) encryption to encrypt most data
transmissions in both the client-to-server direction and the
server-to-client direction. When you install the 128-bit High Encryption
pack and use high encryption on a Windows 2000 Terminal Services computer,
high (128-bit) encryption is used to encrypt most data transmissions in both
the client-to-server direction and the server-to-client direction.

For more information:
High Encryption on a Remote Desktop or Terminal Services Session Does Not
Encrypt All Information
http://support.microsoft.com/default.aspx?scid=kb;en-us;275727&FR=1&PA=1&SD=HSCH

Understanding the Remote Desktop Protocol (RDP)
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q186607

I hope this helps,

Mike
 
circa Fri, 3 Dec 2004 09:09:02 -0800, in
microsoft.public.win2000.security, =?Utf-8?B?
c3VwcG9ydCB0aGUgc3VwcG9ydGVy?= <support the
(e-mail address removed)> (=?Utf-8?B?
c3VwcG9ydCB0aGUgc3VwcG9ydGVy?= <support the
(e-mail address removed)>) said,
I have hear it both ways that RDC to a server or WS is encypted and not.
So which is it?
Click to expand...

It is encrypted.

Laura
 
circa Fri, 3 Dec 2004 18:21:56 +0100, in
microsoft.public.win2000.security, Miha Pihler (mihap-
(e-mail address removed)) said,
When you install the 128-bit High Encryption
pack and use high encryption on a Windows 2000 Terminal Services computer,
high (128-bit) encryption is used to encrypt most data transmissions in both
the client-to-server direction and the server-to-client direction.
Click to expand...
Service pack 2 or above automatically raises encryption in 2000 to
128-bit, as well.

Laura
 
It is encrypted by default. To further secure you can use ipsec filtering
[block and permit filter actions] to restrict which computers a computer can
accept port 3389 TCP from by IP address and be sure to enforce complex
passwords for the users. --- Steve
 
Back
Top