> Why not? I don't know of any current exploit for RDP set to high
> encryption, and even if there were any, connections may very well be
> shielded by encrypted tunnels.

I'm not aware of any currently either, but as their track record
proves, that's meaningless. It was more of a retorical question and a
snide remark - please excuse it.

> RDP can be tunneled thru SSH as well and has much better performance
> than VNC (don't know about Radmin).

This may very well be true. I'm not up to par as much as I'd like on
RDP, although I'm quite well learned on VNC and such. TightVNC has
some of the best compression I've ever seen on a remote control app,
aside from some of the trojans out there. I've used TightVNC through
Dial-up many a times without delay or a problem. I'd love to see RDP
perform the same feat.

But I digress. Again, I very well could be wrong about RDP. I've
always leaned towards other remote control programs due to problems
that usually arises with proprietary programs. (I've been using a form
of WinVNC since before RDP was even thought of.) I'm biased - I'll
admit it. No harm in suggesting an alternative and letting the user
decide.

> Regards
> Ansgar Wiechers

Thanks for the intelligent reply, as usual. =) Take care.

--
Peace. ~G

On Thu, 14 Oct 2004 17:43:41 +0200, Ansgar -59cobalt- Wiechers
<bugtraq (at) planetcobalt (dot) net [email concealed]> wrote:
> On 2004-10-13 GuidoZ wrote:
> > Can the terms "Microsoft Remote Desktop" and "Secure" even be used in
> > the same discussion? =)
>
> Why not? I don't know of any current exploit for RDP set to high
> encryption, and even if there were any, connections may very well be
> shielded by encrypted tunnels.
>
> > The only way I could see applying any form of security is to do it
> > under the protection of a VPN. As for not having the active user
> > logged off, I don't have an answer for that.
> >
> > Personally, I'd recommend one of the many other remote desktop tools
> > out there. WinVNC and Radmin both come to midn quickly. (WinVNC can be
> > done through SSH. Though I'm not positive, I believe you can encrypt
> > Radmin sessions as well.) Google both for more info.
>
> RDP can be tunneled thru SSH as well and has much better performance
> than VNC (don't know about Radmin).
>
> Regards
> Ansgar Wiechers
> --
> "Those who would give up liberty for a little temporary safety
> deserve neither liberty nor safety, and will lose both."
> --Benjamin Franklin
>
> ------------------------------------------------------------------------
---
> ------------------------------------------------------------------------
---
>
>

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

[ reply ]