Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Remote Desktop Connection


  • Please log in to reply
14 replies to this topic

#1 Bellzemos

Bellzemos

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 02 February 2015 - 02:35 PM

Hello!

I started learning VPN but it's not as easy for me so now I will first learn how to set and use a Remote Desktop Connection.

And I think I've got it, it's working, it's really easy, but I'm getting warning messages like "Unknown publisher", "Remote computer cannot be verified.", "The Certificate is not from a trusted certifying authority." etc.

Why is that so? I am connecting from a Windows 7 PC to Windows Server 2008 PC, both are in my own house, on a different network though (separated by a router so I can simulate a "real" internet connection).

So how can I properly secure the connection and get rid of those warnings?

Also, how secure is the Remoted Desktop Connection? Is it as safe as Teamviewer, more, less...? Should I change the default RDC port (3389) to another number in the router? Anything else I should know?

Thank you very much!

 



BC AdBot (Login to Remove)

 


m

#2 NotAnElf

NotAnElf

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 02 February 2015 - 03:26 PM

Hi again  :)

 

Certificate errors are fine, as long as you trust the computer you are connecting to (in your case it is fine). All that they mean is that a security certificate has not been brought for that computer. It's largely meaningless on a network (home or small office) so not many people do it.

 

RDP was made so that files cannot be transferred between computers so it is extremely safe in that regards, other than that it is open to the same vulnerabilities that anything going over the internet will be. As I mentioned in your other topic a lot of businesses use VPN/RDP technology now for remote workers and remote assistance so a small network within the home could be considered quite safe.



#3 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 02 February 2015 - 04:45 PM

Hello there :) I see, thank you for the explanation. The only part I'm not really getting is about the files not being transferred - I was able to copy a file from my desktop and paste it straight to the remote PC's desktop.



#4 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 02 March 2015 - 04:36 PM

Hi, I have a few more questions regarding Remote Desktop Connection:

1. How safe is the local computer? Can it get infected if the remote computer is infected?

2. When I access a remote computer of mine it's audio won't work. It says that there isn't any Sound Device even though the sound works when I access it locally. The remote connection somehow disables the sound completely (even though I haven't set it to). How can I fix that?

3. Would it be possible to wake up the remote computer (and then use it remotely) via the Remote Desktop Connection?

Thank you!
 



#5 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 03 March 2015 - 09:25 AM

Anyone, please? :)



#6 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 04 March 2015 - 02:50 PM

Very pretty please? :flowers:



#7 NotAnElf

NotAnElf

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 04 March 2015 - 04:01 PM

Hi, I have a few more questions regarding Remote Desktop Connection:

1. How safe is the local computer? Can it get infected if the remote computer is infected?

2. When I access a remote computer of mine it's audio won't work. It says that there isn't any Sound Device even though the sound works when I access it locally. The remote connection somehow disables the sound completely (even though I haven't set it to). How can I fix that?

3. Would it be possible to wake up the remote computer (and then use it remotely) via the Remote Desktop Connection?

Thank you!
 

 

1/. Not that I am aware of I spend a large amount of time wiping infected machines remotely and I have never had an issue. As I mentioned I don't believe it is possible to transfer files between two RDP sessions, it would be cool to know how you did it. (I could be mistaken however it's just what I've always been told).

 

2/. Can I just clarify this question, you are accessing the remote computer and want to hear the audio from your local PC?

 

3/. Yes you can, you need to turn something on called 'Wake-on-LAN' (your network card needs to support this) either from the BIOS or Device Manager in W7, although I believe it's called 'wake on magic packet' or something similar. I also think you need specialist software for this, a quick google of wake-on-LAN should give you some good choices (Depicus would be a good start).

 

Edit: I would advise looking at the security issues with wake-on-lan before getting into it, but on internal networks they are generally pretty safe.


Edited by NotAnElf, 04 March 2015 - 04:09 PM.


#8 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 05 March 2015 - 10:47 AM

1. We are both talking about Windows' Remote Desktop Connection feature, right? I simply right-clicked a file on the remote PC's desktop, clicked on Copy then went on my own desktop, right-clicked and selected Paste. That's it - the file got copied. And vice-versa is also possible.

 

2. Yes, that's right, I'd like to hear the sounds from the remote PC on my system. If I go physically to the remote PC and use it it's sounds work as they should. When I connect remotely the sond icon in the taskbar shows as unavailable and there are also no sound devices found in the Sound settings in Control Panel. I don't understand why and would like to fix this. Also the screen gets a bit distorted, the text isn't as clear as if I was accesing the remote PC on it's physical location.

 

3. That's something you set in the Network Adapter Settings under the Control Panel, right? I've read about it but there has to be stuff set in BIOS as well. So how would I then wake it up remotely using the RDC? I think RDC connects only when Windows is already up and running. So if I get this right, I would first need to use the special WOL software to wake it up and then connect to it using RDC?

 

Thank you a ton! :)



#9 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:52 AM

Posted 06 March 2015 - 01:40 AM

I posted in your WOL thread. As far as RDP version 6 and beyond it has RC4 encryption without using anything. However, it is acceptable to man in the middle attack. Also, a remote pc that is compromised can be used for pass the hash attacks. Its best to use TLS and use server authentication and SSL. However, you can also RDP though a SSH tunnel. You can share just about anything. http://en.wikipedia.org/wiki/Remote_Desktop_Protocol TeamViewer takes care of most of these problems with update encryption protocols. The hardest part is geting WOL to work through the WAN and getting this stuff to work as a service.

 

Another method is to use a combination of COPSSH, Putty client and WinSCP for quick encrypted file transfers. COPSH runs in windows and as a service. It takes a little time to setup correctly, but you create your own private/public keys in putty and edit the SSH configs for private/public keypair and follow online guides to turn off root login (important). No login is permitted without the key and knowing the login username. Then using putty terminal client you can tunnel rdp 3389 port to like 3391 or somehting like that over ssh port 22 (default ssh tunnel). The only port forwarding needed in the router is port 22 for ssh. However, I suggest to change it to somehting else in the COPSSH config files. Or you can use Something like OpenSSH or even just use a Ubuntu linux machine altogether. I mainly like to use a old XP box because some of the things I use is for Windows and XP. Both RDP and COPSSH runs fine together on the same box. Then to standby/reboot/shutdown the machine you simply type ctrl+F4 or use a batch file with shutdown commands while in RDP session. Also, you want to disable keyboard halt errors and adjust power loss options to reboot the machine or shut it down. Which ever you prefer.


Edited by technonymous, 06 March 2015 - 01:41 AM.


#10 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 06 March 2015 - 12:07 PM

How do I know what kind of RDP I'm using? I am connectiong from a Windows 7 macihine to a Windows Server 2008 machine (equivalent of Vista). Does it have the RC4 encryption, where can I check that?

 

COPSSH etc. - I don't know enough about networking to understand all you say in the 2nd paragraph. I would just like to be able to use WOL over WAN, just for learning, not super-secure.

 

Also, someone please answer my 1se and 2nd question from the previous post please.

 

Thank you!



#11 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:52 AM

Posted 06 March 2015 - 09:37 PM

1. Yes, RDP. Under start button/all programs/accessories/remote desktop connection. This is where you create a profile before login.

 

2. You create a profile enabling features and save it before login. This should fix the sound. However, you may have a older RDP not supporting all the features and may need to upgrade it. http://support.microsoft.com/kb/2923545 The latest release is 8.1 version.



#12 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 07 March 2015 - 10:44 AM

I tired all settings under there and nothing fixed the sound problem. How do I check the current RDP version installed on my system? How can I see if it usese RC4 encryption? Thank you.



#13 technonymous

technonymous

  • Members
  • 2,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:52 AM

Posted 08 March 2015 - 04:27 AM

Right click the exe file and look at details. It's in %windir%\system32\mstsc.exs If it says...6.3.9600.16415 you have the latest. RDP uses RC4 128bit default. You can check by monitoring packets. Get a packet analyzer like Wireshark.



#14 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 08 March 2015 - 09:51 AM

I took a look and yes, that's the version I have - the latest one. So I'm safe then? How can I see the type of security with Wireshark? What would I filter? I'm quite new to Wireshark. Is RC4 OK regarding security? Is there any simple way to improve RDP security?



#15 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:06:52 PM

Posted 08 March 2015 - 09:47 PM

I'd really appreciate any more info on the subject.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users