Microsoft Remote Desktop and Security

Raise your hand if you use Microsoft’s Remote Desktop client.   Keep your hand raised if you have ever wondered how a Remote Desktop session is secured.  Finally, only keep your hand up if you have acted on your curiosity and now know the method of encryption used to secure RDP communications and how vulnerable it is to attack.

If your hand is still raised, congratulate yourself for being so security-conscious, but be aware that you are sitting at your computer with your hand in the air because a blog post told you to.  As for everyone else, you should read on.

The good news is that the Remote Desktop Protocol (RDP) is indeed encrypted using RC4.  The bad news is that RC4 is not the best form of encryption out there and can be susceptible to attack by a determined foe.  There may be easier ways to grab protected information than trying to snoop on Remote Desktop sessions, but you should definitely be wary of what information is passing from your fingertips to the remote machine and back.

Older versions of Remote Desktop are vulnerable to man-in-the-middle attacks.  This is even more worrisome because the man in the middle doesn’t even need to attack RC4.  Your RDP data arrives completely decrypted and open for his perusal.

Do you or your employees regularly use Remote Desktop over the Internet with no further security measures in place?  If so, I would recommend that you add them.  Don’t know how?  Contact us!