Showing posts from June, 2019

How Secure is RDP?

Hands up if you have following setup/practices in your organization: A RDP server (Terminal server) that everyone can jump onto. Apart from the IT admins, some users have local admin rights on the box, just so they can run or configure a particular application. To help troubleshooting an issue, your IT admins often RDP to servers directly from user's laptop, which the user is a local admin. A group of users have local admin rights on a particular Windows box, and your Domain Admins also need to RDP to from time to time. If any of above scenario applies to your organization, you might want to consider introducing some changes. This is why: It is well known that Windows Remote Desktop Service has this feature that allows you to connect to another user's session. But obviously you will need to know the other user's credential to do that, right? No, not necessarily. With NT AUTHORITY/SYSTEM account, you can hijack the user's RDP session without the nee