Security Basics mailing list archives
RE: RDP Security
From: "Bryan Ponnwitz" <bponnwitz () wwsport com>
Date: Sun, 11 Mar 2007 15:56:36 -0400
I believe Microsoft's answer to MITM attacks on a local LAN is to implement IPSec on your computers. If you implement the correct IPSec policy, then I would say that RDP would be 100% secure. Even if you don't want to turn on IPSec for your whole LAN, you could create a policy to sign traffic on port 3389 between the computers that you're RDP'ing with and it would eliminate the possibility of MITM attacks completely. Bryan -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Tornado Sent: Monday, March 05, 2007 6:37 AM To: security-basics () securityfocus com Subject: RDP Security Hi All, I was just curious to know how secure is Remote Desktop Protocol on the local network? I know that this protocol is prone to MITM attacks.But has Microsoft addressed this issue in the latest RDP client? Thanks in advance. ---------------------------------------------------------------------- Click for FHA loan, $0 lender fees, low rates & approvals nationwide http://tags.bluebottle.com/fc/CAaCMPJetxFHQmpYDjxn9T2dV7G9wZV0/
Current thread:
- RDP Security Tornado (Mar 06)
- Re: RDP Security Brent Gardner (Mar 06)
- Re: RDP Security WALI (Mar 07)
- RE: RDP Security Roger A. Grimes (Mar 08)
- Message not available
- Invisible dilemma - ARP flush WALI (Mar 12)
- Re: Invisible dilemma - ARP flush Bryce Verdier (Mar 15)
- Message not available
- RE: Invisible dilemma - ARP flush WALI (Mar 23)
- Invisible dilemma - ARP flush WALI (Mar 12)
- <Possible follow-ups>
- Re: Re: RDP Security alegr1 (Mar 07)
- RE: Re: RDP Security Roger A. Grimes (Mar 07)