RDP (Remote Desktop Protocol) is a secure network communication protocol that Microsoft bought from Polycom. It allows users to connect to their computers remotely and securely. In addition, RDP is used by network administrators and DevOps teams for remote system maintenance, diagnostics, and repair. It is also used to support network topologies and LAN protocols.

What does the term "remote desktop" mean?
Remote desktop is a technology that allows remote control of a computer or server over the Internet. This is often used by IT administrators who manage multiple users' devices simultaneously using Windows Server with Remote Desktop Service enabled or a terminal server.

It is worth noting that users sometimes confuse RDP with cloud computing, since both technologies allow you to work remotely. In fact, the similarity between RDP and the cloud ends with remote access.

In a cloud environment, users can access files and applications stored on cloud servers, rather than on their desktop computer's hard drive. In contrast, RDP connects users directly to desktop computers, allowing them to access files and run applications as if they were physically sitting in front of that computer. Both tools are useful for remote work, but they work completely differently.

What functions does RDP have?
Smart card authentication. Allows users to access the remote desktop using certificates stored on smart cards.

Compression of data transmission when connecting to the server. RDP allows you to optimize network bandwidth, since most of the user's screen is not updated, which eliminates the need for retransmission of data.

Using multiple displays. This feature is available to IT administrators who can connect to multiple users' devices and displays.

GPU virtualization. RDP has a set of RemoteFX protocols that allows remote delivery of virtual desktops over local networks. RemoteFX provides a better user experience because it provides advanced graphics encoding and virtualization.

Redirecting audio. It allows you to redirect audio from the remote desktop to the user's computer.

Redirecting the file system. It allows you to send files from a controlled device to remote computers.

Print redirection. Applications running in a remote desktop session can use a printer connected to the client device for printing.

Port forwarding. Applications running within a remote desktop session can access local ports.

How does RDP work?
RDP requires users to install client software on the machine they are connecting from and server software on the machine they are connecting to. After connecting to a remote computer, remote users see the same graphical user interface (GUI) of the desktop and access files and applications in the same way as if they were working locally.

The RDP client and server software communicate via network port 3389, using the TCP/IP transport protocol to transmit mouse movements, keystrokes, and other data. RDP encrypts all transmitted data so that attackers cannot intercept it. Due to the graphical interface, the interaction between the client and server is highly asymmetric. While the client transmits only relatively little mouse and keyboard input, the server must transmit a large amount of GUI data.

Advantages and disadvantages of RDP.
Advantages:

  • Organizations can opt out of VPNs because RDP provides a secure connection from anywhere in the world;
  • Data is securely stored on users' workstations, so you don't need to move it to cloud servers or store it on unprotected USB devices;
  • Allows you to perform remote work in organizations with legacy on-premises infrastructure, including hybrid cloud environments.

Disadvantages:
  • RDP connections suffer from latency issues, as all user actions with the keyboard and mouse must be encrypted and then transmitted over the Internet to a remote computer;
  • RDP is subject to numerous security vulnerabilities;
  • RDP can lead to lower employee productivity.

RDP and Cybersecurity
Despite all its security features, RDP is subject to two major security flaws:
  • The first problem is unreliable passwords that users store and use insecurely for multiple accounts. Compromised RDP credentials are a major vector of ransomware attacks.
  • The second problem is that the use of port 3389 in RDP connections frees the hands of attackers who use it to conduct MiTM attacks.

And how to solve these problems?
Just follow these steps:
  • Restrict access to RDP only to users who absolutely need it, and also restrict access to port 3389;
  • Start using multi-factor authentication and work on creating strong passwords;
  • Configure firewall rules so that only allowed IP addresses can access port 3389.
And all your RDP connections will be safe!
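
As an added example (not part of the original post), the following PowerShell audits the first and third points above on a Windows host: it lists who is allowed to log on over RDP and reports inbound firewall rules that leave port 3389 open to any source. The addresses in `$AllowedSources` and the `$Apply` switch are assumptions made for illustration; replace the addresses with your own management ranges.

```powershell
# Added example: audit inbound RDP exposure and scope it to an allow-list.
# Run from an elevated PowerShell session on the RDP host.

# Assumption: placeholder management sources; replace with your own addresses.
$AllowedSources = @('192.0.2.10', '10.20.0.0/24')
# Leave $false to only report; set $true to rewrite the open rules.
$Apply = $false

# Who may log on over RDP in addition to local administrators.
Get-LocalGroupMember -Group 'Remote Desktop Users' |
    Select-Object Name, ObjectClass, PrincipalSource

# Enabled inbound allow rules that list port 3389 explicitly.
# UDP is included because the built-in Remote Desktop group also has a UDP rule.
# Rules that use a port range or 'Any' as the local port are not matched here.
$rdpRules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        $pf.Protocol -in 'TCP', 'UDP' -and @($pf.LocalPort) -contains '3389'
    }

foreach ($rule in $rdpRules) {
    $remote = @(($rule | Get-NetFirewallAddressFilter).RemoteAddress)
    $open   = $remote -contains 'Any'

    # Report every matching rule and whether any source address can reach it.
    [pscustomobject]@{
        Rule          = $rule.DisplayName
        Profile       = $rule.Profile
        RemoteAddress = $remote -join ', '
        OpenToAny     = $open
    }

    if ($open -and $Apply) {
        # Restrict the rule's scope to the allow-list only.
        Set-NetFirewallRule -Name $rule.Name -RemoteAddress $AllowedSources
    }
}
```

Run it once with `$Apply = $false` to review the report, and confirm your own source address is in the allow-list before applying, since scoping the rule over an active RDP session from an unlisted address will cut that session off.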
 