IS RDP secure

[prinsk]

Hi All

How secure is RDP.

i.e My router/firewall blocks everything else coming in. It has port forwarding for RDP configured to the PC.

So nothing else gets in except traffic on the RDP port to my PC. The only security then is the RDP login/password. How secure is this? Is this OK to do?

 

[dabouncer]

Change ur listening port for rdp in ur registry to something other than 3389. Most ppl wont be bothered scanning an entire ip range for tons of open ports on ppls pc's. Getting past the username and password is also very tough specially if ur username isnt administrator.

 

[hotmojo]

RDP sends your User/Pass combination plain text so if anyone is listening ...

Have your router rather forward another port like 36435 to 3389 and then connect using
IPADDRESS:36435

Also IIRC there are a couple of security vulnerabilities for RDP

Cert reports on RDP vulnerabilities

*EDIT*
Added URL to CERT

 

[prinsk]

That is what I am concerned about. But I do have automatic updates activated, so that should eliminate the security vulnerabilities.

Do you people out there leave your RDP activted.

 

[hotmojo]

Do you people out there leave your RDP activted.

Only if I could port forward to the server, otherwise no. Cannot risk it with MS stuff.

You may consider using UltraVNC, it encrypts everything and it is FREE. I have also found it too be more reliable on low speed (non LAN) connection. Another bonus with it is you can also transfer a file to/from the "server" machine which is quite handy

 

[mancombseepgood]

There's an easier way - download and install Hamachi on both machines - easy to set up and encrypts all traffic between the 2 PCs. It works P2P so is direct. No router setup required in most cases and uses 256k encryption for all traffic between the 2 points. www.hamachi.cc

Of course the beauty of hamachi is the fact that you can then use any software - encrypted or not - and not have any plain text on the wire - you can also run other services, like file and print sharing since it is a VPN connection between two (or more) points!

Ultr@VNC is great, I use it too, but have found hamachi solves all those hassles (and it is free). VNC is definately slower than RDP. Of course for ultimate speed, run the old netmeeting desktop sharing (with hamachi) - it is very fast!
For WinXP or 2000, simply click start, run and "conf" in the run box. Enable remote desktop sharing, ensure netmeeting runs on startup, check all other options and test. Make sure netmeeting is enabled in your firewall settings.

 

[kilos]

Make sure you download the latest version of
UltraVNC 1.0.2 as their is the following vulnerability
Multiple Remote Error Logging Buffer Overflow Vulnerabilities Client buffer overflow
http://www.securityfocus.com/bid/17378

 

[jacobstone]

I use RDP to remote to my machine at work from home, I've had it running for the past 3 years on port 3389 using a simple port forwarding rule on a Netgear DG834.

Pretty safe as far as I'm concerned.

If someone is determined enough to DoS you or get in then they will regardless.

 

[mancombseepgood]

Hamachi is still very easy to use and you then have any networked app to play with as if you were on the same LAN.