rdp client over internet

Discussion:

(too old to reply)

allan

2005-01-20 02:59:03 UTC

Hi
Which rdp client connection method is best over the internet? Simply opening
port 3389 on the firewall at the terminal server end and establishing a
session via the rdp client or opening ports 47 and 1723 and then creating a
vpn connection to the remote site and connecting to the terminal server by
it's private ip. What is the difference as far as security is concerned?

dlv

2005-01-20 14:53:05 UTC

Permalink

vpn is more secure than rdp

Patrick Rouse

2005-01-23 05:31:01 UTC

Permalink

IPSec VPN is more secure, however PPTP VPN is no more secure than connecting
via RDP. I'd argue that in unmanaged VPN setups, a VPN connection is more
dangerous than a RDP connection, because you're allowing anything running on
hte remote computer to interect directly with your private network.

If you don't control both endpoints of the VPN, I'd stick with RDP. Most
people that want higher security with Terminal Server go with a secondary
authentication mechanism, i.e. SecureID

http://www.securecomputing.com/index.cfm?skey=21

Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com

Post by dlv
vpn is more secure than rdp

Vin McLellan

2005-02-01 01:26:25 UTC

Permalink

Post by Patrick Rouse
If you don't control both endpoints of the VPN,
I'd stick with RDP. Most people that want
higher security with Terminal Server go with a
secondary authentication mechanism, i.e.
SecureID

Patrick helpfully offered the URL for Secure Computing. Well and good,
but let me add a couple more. I'm a consultant to RSA, which invented
and exclusively sells the time-synched SecurID, a popular competitor to
SC's Safeword token. RSA's URL is <http://www.rsasecurity.com>.

The RSA-Secured Partners Directory, which now lists 110 commercial VPN
and Firewall products which ship SecurID-Ready, is at:
<http://tinyurl.com/2cfbg> .

Suerte,
_Vin