IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [rdp]

Remote Desktop Protocol, a protocols for accessing Windows applications remotely

RDP (Remote Desktop Protocol) is a protocol to access graphical sessions remotely, and thus to run GUI applications remotely.

The protocol is defined by Microsoft and primarily used between Windows systems, but both clients and servers exist on other major operating systems. All versions of Windows (since XP) include an RDP client. A server is included in server-grade editions.

RDP can run over TCP or UDP. In both cases the default port is 3389. Since version 6 (supported since Windows Vista), the protocol can optionally run over TLS.

A similar protocol in the Unix world is VNC.

Further reading

130 questions
23
votes
2 answers

What are the risks of remoting in (RDP) to a compromised system?

Can the client be harmed in any way, and how?
PBeezy
  • 1,761
  • 2
  • 11
  • 11
16
votes
3 answers

Enable RDP for internal network only

I just got a tablet and I want to use it to RDP into my main computer. The thing is, the first thing I did when I set up my PC was to disable RDP. I am not comfortable, and have no use for, allowing RDP connections from outside my network. I might…
TheCatWhisperer
  • 416
  • 1
  • 5
  • 12
2
votes
3 answers

Win Server 2008 RDP Attack

On one of my machines I run Win 2008 R2 server. It has been recently updated. My RDP session is limited to my IP address only and firewall is UP. Even though the main RDP post 3389 is blocked by firewall ( IP restricted) I am getting 1000's of…
Milan
2
votes
2 answers

Email hacks via RDP

Someone has sent an email from my account that is making me look bad. I am trying to determine if someone either actually did it physically from my computer or via RDP. As there is reason to believe it could have been done RDP although both are…
Charles Sarver
  • 21
  • 1
1
vote
2 answers

Unauthorized activity on port 3389

If you detect activity on port 3389 (the mouse starts moving) What is the first steps you should take from a security standpoint, and who should be notified?
Chris Webb
  • 19
  • 1
  • 2
1
vote
1 answer

TRUSTWAVE pci network vulnerability scan FAIL

We are a small business and we process credit cards through our desktop pc via the webpage myvirtualmerchant.com And trustwave keeps scanning our pc and giving us a fail status. Below is the report showing why we fail the scan. Can anyone tell me…
Robert
  • 5
  • 3
0
votes
0 answers

Security of RDP directly with administrative account VS RDP with normal account and elevation with administrative account

I've had some arguments with people about securing RDP access to servers: Team 1 (including me) suggests that direct RDP access should only be possible with an (separate) administrative account. Team A suggests that one should do RDP login with a…
Don Zoomik
  • 101
0
votes
0 answers

Is RDP user enumeration possible?

There are many pre-made tools around for brute-forcing RDP credentials, but I haven't found one for username enumeration. Is it possible by design to enumerate potential RDP logins? If not within the standard of the protocol, are there username…
Vilius Povilaika
  • 992
  • 8
  • 22
-1
votes
1 answer

How to protect Windows Remote Desktop Client from untrusted server

We have blocked all direct connections from client computers to the Internet in our firewalls and only allow Internet access via http and https through a Squid proxy. Now one of my users requests permission to use accounting software provided as…
Tilman Schmidt
  • 911
  • 4
  • 7