Saturday, 12 October 2013

Remote Desktop Protocol

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.

Clients exist for most versions of Microsoft Windows (including Windows Mobile), Linux, Unix, Mac OS X, iOS, Android, and other modern operating systems. RDP servers are built into Windows operating systems; an RDP server for Linux also exists. By default, the server listens on TCP port 3389.[1]

Microsoft currently refers to their official RDP server software as Remote Desktop Services, formerly "Terminal Services". Their official client software is currently referred to as Remote Desktop Connection, formerly "Terminal Services Client".

The protocol is an extension of the ITU-T T.128 application sharing protocol.

Security issues

The RDP protocol in its default configuration is vulnerable to a man-in-the-middle attack. Administrators can enable transport layer encryption to mitigate this risk.
RDP sessions are also susceptible to in-memory credential harvesting, which can be used to launch pass the hash attacks.

In March 2012, Microsoft released an update for a critical security vulnerability in the RDP protocol. The vulnerability allowed a Windows computer to be compromised by unauthenticated clients and computer worms.
RDP client version 6.1 can be used to reveal the names and pictures of all users on the RDP Server (no matter which Windows version) in order to pick one, if no username is specified for the RDP connection.

No comments :

Post a Comment