none
Terminal and Remote Desktop Service RRS feed

  • 問題

  • Is there a security concern using the default Terminal and Remote Desktop Services in Windows ( will the communications between a remote workstation and a server to be disclosed ) are there suggestions to overcome this risk?

     

    Pls. advice 

     

    Thnaks

    2008年10月21日 下午 04:20

解答

  • You can use encryption to protect the data that travels between the terminal server and the terminal services client. If you fear unauthorized interception of the data as it travels between the two, you should enable encryption. RSA RC4 encryption is used; encryption can be set to one of the following three levels:

    • High: encrypts both the data sent from client to server and the data sent from server to client using a 128 bit key.
    • Medium: encrypts both the data sent from client to server and the data sent from server to client using a 56 bit key if the client is a Windows 2000 or above client, or a 40 bit key if the client is an earlier version.
    • Low: encrypts only the data sent from client to server, using either a 56 or 40 bit key, depending on the client version. Useful to protect usernames and passwords sent from client to server.

    To change the encryption level, you must be an administrator. In Programs | Administrative Tools, select Terminal Services Configuration and perform these steps:

    1. In the left console pane, select Connections.
    2. In the right details pane, right click RDP-TCP and select Properties.
    3. Click the General tab.
    4. Under Encryption level, select the desired level in the drop down box and click OK.
    2008年10月22日 上午 08:20