
Security Basics mailing list archives

SV: Securing RDP - Is this possible?
From: Peter Wahlström <peter () lkpg com>
Date: Wed, 15 Apr 2009 21:03:15 +0200

The password is not sent in clear text as you say, I meant that you can read it with Cain in clear text.

A report
http://www.oxid.it/downloads/rdp-gbu.pdf

and a little clip on how to do it.

http://www.irongeek.com/i.php?page=videos/cain-rdp-terminal-server-mitm-sniff

Peter

-----Original Message-----
From: Scott Race [mailto:scott () jda-networks com]
Sent: 15 April 2009 17:34
To: wahlstrom79 () gmail com;security-basics () securityfocus com
Subject: RE: Securing RDP - Is this possible?

The password is not sent in plain text.

From Microsoft's website:

Data encryption can protect your data by encrypting it on the
communications link between the client and the Windows XP
Professional-based computer. Encryption protects against the risk of
unauthorized interception of transmitted data. By default, Remote
Desktop sessions are encrypted at the highest level of security
available (128-bit). However, some older versions of Terminal Services
client software do not support this high level of encryption. If your
network contains such "legacy" clients, you can set the encryption level
of the connection to send and receive data at the highest encryption
level supported by the client.

There are two levels of encryption available:

    * High

      This level encrypts data sent from the client to the remote
      computer and from the remote computer to the client by using strong
      128-bit encryption. Use this level only if you are sure that your client
      computer supports 128-bit encryption (for example, if it is running
      Windows XP Professional). Clients that do not support this level of
      encryption will not be able to connect.

    * Client Compatible

      This level encrypts data sent between the client and the remote
      computer at the maximum key strength supported by the client. Use this
      level if your client computer does not support 128-bit encryption.


http://technet.microsoft.com/en-us/library/bb457106.aspx


Scott

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of wahlstrom79 () gmail com
Sent: Wednesday, April 15, 2009 12:15 AM
To: security-basics () securityfocus com
Subject: Re: Securing RDP - Is this possible?

RDP is absolutely not secure in Windows 2003 and Windows XP. It is easy
to use i.e. Cain to sniff the password in clear text.

You can use RDP over SSL. It's built in to Windows and is default in
Windows 2008.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Find the source of cybercrime! Almost every crime today involves a
computer or mobile device. Learn how to become a Computer Forensics
Examiner in InfoSec Institute's hands-on Computer Forensics Course. Up
to three industry recognized certs available, online computer forensics
training available.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
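
An added example, not part of the original thread or written by any of its posters: a PowerShell check of the RDP listener settings the messages above argue about (the encryption level and whether RDP runs over SSL/TLS). The function name, finding texts and sample values are constructed for illustration; the registry path and value names are the standard RDP-Tcp listener settings.

```powershell
# Added example: audit the RDP-Tcp listener for the settings discussed in this thread.
$RdpTcpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# Meaning of the numeric registry values.
$SecurityLayerNames   = @{ 0 = 'RDP Security Layer'; 1 = 'Negotiate'; 2 = 'SSL (TLS)' }
$EncryptionLevelNames = @{ 1 = 'Low'; 2 = 'Client Compatible'; 3 = 'High'; 4 = 'FIPS Compliant' }

function Test-RdpListenerSecurity {
    # Hypothetical helper: returns one finding string per weak or missing setting.
    param([Parameter(Mandatory)] [hashtable] $Settings)

    $findings = @()
    $layer = $Settings['SecurityLayer']
    $level = $Settings['MinEncryptionLevel']
    $nla   = $Settings['UserAuthentication']

    if ($null -eq $layer) {
        $findings += 'SecurityLayer is not set; the listener uses the OS default'
    } elseif ([int]$layer -ne 2) {
        $name = $SecurityLayerNames[[int]$layer]
        $findings += "SecurityLayer=$layer ($name) does not require SSL (TLS), so native RDP encryption can still be used"
    }
    if ($null -eq $level) {
        $findings += 'MinEncryptionLevel is not set; the listener uses the OS default'
    } elseif ([int]$level -lt 3) {
        $name = $EncryptionLevelNames[[int]$level]
        $findings += "MinEncryptionLevel=$level ($name) accepts clients below 128-bit High"
    }
    if ($null -eq $nla -or [int]$nla -ne 1) {
        $findings += 'UserAuthentication is not 1; Network Level Authentication is not required'
    }
    $findings
}

# Constructed sample values: a weak listener and a hardened one.
$weak     = @{ SecurityLayer = 0; MinEncryptionLevel = 2; UserAuthentication = 0 }
$hardened = @{ SecurityLayer = 2; MinEncryptionLevel = 3; UserAuthentication = 1 }
Test-RdpListenerSecurity -Settings $weak       # three findings
Test-RdpListenerSecurity -Settings $hardened   # no findings

# On a Windows host, audit the live listener as well.
if (Test-Path $RdpTcpKey) {
    $p = Get-ItemProperty -Path $RdpTcpKey
    Test-RdpListenerSecurity -Settings @{
        SecurityLayer      = $p.SecurityLayer
        MinEncryptionLevel = $p.MinEncryptionLevel
        UserAuthentication = $p.UserAuthentication
    }
}
```

Requiring SSL (TLS) on the listener only helps against interception when clients also verify the server certificate instead of clicking through the warning.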







