Win 2k3 Remote Desktop Security

Hello, Im installing the first network server in an enviroment of 150 users. I was looking on the web for how secure RD is, but couldnt any respecks. Like at first when sending user name and password if it was encrypted or not. (Incase of packet sniffing.) I dont feel as if this is the companies network but my own and would like to have it secure and broadcasting the server logins.

 

I had thought maybe the authentication was in plain text but I think that quote answered that question!

I had also heard that Exchange web mail used plain text for user name and password but never was able to verify.

 

That is way I was asking the question about the RD. Ive been reading up on Exchange 2003 and different sources say to never use RD because it is not encryptioned. That is why you use the Exchange System Manager.

Thanks for finding that info for me Arie.

 

It all depends on what you use remote desktop for, if it is just internally on your private network then the security risk of packet sniffers and all that is greatly reduced. If you open the RDP port for external access from the internet then you are just asking for trouble.

 

Well the main reasoning for this question is we have a salesman that like to packet sniff the network. He uses his laptop all over the network so I cant release connection him to his own node. We also have some sales reps that come in that do the same, for security of the network. They showed the salesman and thats how that came up.

Eventually, I would also like to setup a VPN that I can connect to the network so that I may connect as if I was here. So if I take a trip or out I connect instead of traveling back and forth. I was assuming that I would not have to open a port for the RD instead just a port for VPN.

 

So tell him that packet sniffing the network is not allowed and is a breach of the company policy, if you don't have a policy like that then suggest to management that this needs to be put in place...if he continues then he is likely to get repremanded... there is no need to stop using a perfectly good tool for internal remote management because some SALESMAN thinks he is
L33T with the packet sniffing...

 

One thing to do is use switches on your network. That makes it a lot more difficult to sniff packets from any one point on the network. Only the packets intended for the node with the sniffer, and broadcasts will get to the sniffer.

If you already have switches (rather than hubs), the information the sniffer can get will mainly be limited to the information they can get from broadcasts.

Personally I'd threaten the saleman with limb amputation. If they didn't stop escalate to management. These sorts of guys start by sniffing, and end up doing things like setting ODBC connections into databases so they can tweak their data in Excel. Jump on him now. Jump on him hard.

 

If your TS session through Intenet, and so worry about the sniffing, may be consider the SSL VPN for remote desktop. it will solve your issue and all packet transmit has been encrypted.