RDP, What is Remote Desktop Protocol?

RDP stands for Remote Desktop Protocol. The topic matters because IT environments and ways of working are now hybrid, so network failures can occur at any time and leave routers and devices disconnected, all the more so when some devices can be redirected to different locations. The problem gets worse when more services and devices are added to the same IP address, when specific application services are changed, or when the WAN (Wide Area Network) is adjusted, which is a reality for organizations with a presence in several geographies.

What is RDP and what is it used for?

RDP is a protocol developed and used exclusively by Microsoft that allows users to connect to another computer through a network and control the desktop remotely. It is mainly used for remote system administration, technical support and sometimes for the use of centralized software on a server to which users connect via RDP and are presented with an application as a resource.

How does RDP work?

RDP is a routing service that provides users with a means to locate a specific device within an IT environment. This involves communication between a client and a server over a network connection. The client connects to the server, allowing users to interact with a remote desktop under their own user account as if they were using their own computer. This is accomplished as follows:

1. Connection Request:

  • A client device initiates a connection request to a remote server.
  • The server responds and begins the linking process.

2. Authentication:

  • During the handshake, the client and server negotiate the details of the connection.
  • Authentication takes place to verify the user’s identity.
  • Connection is encrypted for security.

3. Redirection of graphics and input devices:

  • RDP transmits the Graphic User Interface (GUI) from the server to the client.
  • User interactions (keyboard, mouse) are sent from the client to the server.

4. Data Transmission Channels: RDP uses separate virtual channels for different types of information:

  • Presentation data: GUI items, screen updates.
  • Serial Device Communication: Redirected devices (e.g., printers).
  • License Information: License validation.
  • Highly encrypted data: Keyboard and mouse activity.

5. Multipoint Data Delivery:

  • RDP supports multipoint sessions (e.g., virtual whiteboards).
  • Data can be delivered in real-time to multiple parties simultaneously.

6. Protocol Stack:

  • Application data is transmitted through protocol stacks.
  • It is encrypted, framed, and packaged into a network protocol (e.g., TCP/IP).
  • The reverse process takes place when the data returns to the client.

RDP is a multi-channel protocol that allows users to connect to a computer running Microsoft Terminal Services. By design, RDP can support different network topologies, such as ISDN and POTS, and LAN (local area network) protocols, such as IPX, NetBIOS, or TCP/IP.
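The connection request and negotiation in steps 1 and 2 can be inspected on the wire. The following is an added example, not code from the original article: it builds the client's X.224 Connection Request and parses the server's reply to show which security layer was agreed, using the structure layouts and constants of Microsoft's published RDP specification (MS-RDPBCGR). The function names and the sample reply bytes are constructed for illustration.

```python
import struct

# Security protocols a server can select in its RDP Negotiation Response.
PROTOCOLS = {
    0x0: "Standard RDP Security (legacy, no TLS)",
    0x1: "TLS",
    0x2: "CredSSP (Network Level Authentication)",
    0x4: "RDSTLS",
    0x8: "CredSSP with Early User Authorization",
}
# Failure codes a server returns when it refuses what the client offered.
FAILURES = {1: "SSL_REQUIRED_BY_SERVER", 2: "SSL_NOT_ALLOWED_BY_SERVER",
            3: "SSL_CERT_NOT_ON_SERVER", 4: "INCONSISTENT_FLAGS",
            5: "HYBRID_REQUIRED_BY_SERVER",
            6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER"}

def build_connection_request(requested=0x1 | 0x2):
    """Client: X.224 Connection Request offering TLS and CredSSP by default."""
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, requested)
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0)
    body = x224 + neg_req
    return struct.pack(">BBH", 3, 0, 4 + len(body)) + body

def parse_connection_confirm(pdu):
    """Server reply: return (kind, description) of the negotiated security."""
    if len(pdu) < 11:
        raise ValueError("truncated PDU")
    version, _, length = struct.unpack(">BBH", pdu[:4])
    if version != 3 or length != len(pdu):
        raise ValueError("not a complete TPKT packet")
    if (pdu[5] & 0xF0) != 0xD0:
        raise ValueError("not an X.224 Connection Confirm")
    if len(pdu) < 19:
        # No negotiation data: server only speaks Standard RDP Security.
        return ("selected", PROTOCOLS[0x0])
    neg_type, _flags, neg_len, value = struct.unpack("<BBHI", pdu[11:19])
    if neg_len != 8:
        raise ValueError("bad negotiation structure length")
    if neg_type == 0x02:
        return ("selected", PROTOCOLS.get(value, f"unknown 0x{value:x}"))
    if neg_type == 0x03:
        return ("refused", FAILURES.get(value, f"unknown code {value}"))
    raise ValueError("unexpected negotiation type")

# Constructed sample replies (built by hand, not captured traffic).
NLA_REPLY = bytes.fromhex("030000130ed00000123400" "0200080002000000")
LEGACY_REPLY = bytes.fromhex("030000130ed00000123400" "0200080000000000")
REFUSED_REPLY = bytes.fromhex("030000130ed00000123400" "0300080005000000")
```

A server that answers with Standard RDP Security, or with no negotiation data at all, is the case the "lack of encryption" risk refers to; a reply of CredSSP means the user is authenticated before a desktop session is created.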

How to make an RDP connection?

To make a connection to Windows (only available on Windows 10/11 Pro) you need to follow these steps:

1. Enable RDP in Windows 11:

  • Open Start → Settings.
  • In the settings window, select System.
  • Scroll down and click Remote Desktop on the right panel.
  • Turn on Remote Desktop on your Windows 11 device.
  • Make a note of the name of this PC under PC name; you’ll need it later.

2. Connect to the configured PC:

On your local Windows PC:

  • In the search box on the taskbar, type Remote Desktop Connection and select Remote Desktop Connection.
  • Type in the name of the PC you want to connect to (the one you wrote down in the previous step) and select Connect.

On your Windows, Android, or iOS device:

  • Open the Remote Desktop app (available for free on the Microsoft Store, Google Play, and the App Store for Mac).
  • Add the name of the PC you want to connect to (from the previous step).
  • Select the name of the added remote computer and wait for the connection to complete.

Using Chrome RDP: In addition to Windows, there are third-party options such as Chrome RDP for Google Chrome, as well as specialized programs, such as Pandora RC, which offer additional features such as full auditing, connection management, and flexibility in different environments. To turn it on, follow these steps:

  • Go to the Chrome Remote Desktop website.
  • Select the type of connection you want (e.g. access your computer or share your screen).
  • Click the download button.
  • Click the Add to Chrome button to install the Google Chrome Remote Desktop extension.
  • Grant the necessary permissions for the installation of the remote desktop.

Other specialized programs:

TeamViewer is software for remote access and for remote control and support of computers and other end devices. Its latest innovation has been the integration of TeamViewer Meeting. TeamViewer does not require registration and is free if used for non-commercial purposes.

AnyDesk is a remote desktop software program. It provides two-way remote access between personal computers and is available for all common operating systems.

Is RDP the same as a VPN?

Although both RDP and a VPN allow remote access, they serve different purposes: RDP focuses on direct control of a remote computer’s desktop, while a VPN provides a secure connection to a corporate network, allowing access to network resources securely and privately.

Which is better, a VPN or RDP?

Given the difference between a VPN and RDP, the choice between them depends on the specific requirements of each situation. If secure access to a corporate network is needed, a VPN is the right choice. On the other hand, if you’re looking to manage or support individual systems remotely, RDP is the most appropriate. The two coexist because having access to a network through a VPN does not mean that you have access to its computers through RDP: the two must first be deployed and configured together.

Benefits of RDP

Technical advantages:

  • Technical assistance is the most common use of RDP, allowing IT staff to access any computer in the company to check and solve any technical issue.
  • With RDP, you can easily share files between computers in the same company.

Business impact:

  • Considering remote work models, RDP can help monitor and support employees. RDP can check at any time what employees are doing by relaying the content on their screens, as well as correct errors in real time.
  • Internal organizational communication. RDP software enables internal messaging tools for communication between people in the same company.

As you can see, this technology is extremely useful and also simplifies tasks.

What are the risks of RDP?

Like any technology, there are also some risks in using RDP:

  • Lack of encryption and risk of data leakage: Without proper encryption, data transmitted through RDP can be intercepted, compromising information confidentiality.
  • Vulnerability through RDP port opening: Indiscriminate opening of RDP ports in a firewall can leave data and systems open to external attacks.
  • Risk of Administrator Account Compromise: Administrator credentials used to establish RDP connections can be vulnerable to brute force attacks or social engineering.
  • Ease of access for possible attacks: Due to its remote access nature, RDP can be targeted for malicious attacks if additional security measures are not implemented.
  • Ease of locating RDP: There are platforms and tools that can locate RDP services that are exposed because of their configuration, enabling malicious access or even ransomware attacks.

How to Ensure Safe Use of RDP

To mitigate the risks associated with the use of RDP, it is critical to implement security measures, such as:

1. Correct configuration of firewall security policies on the exposed server using RDP.

2. Strong encryption and authentication, by configuring RDP to use advanced-level encryption and Multifactor Authentication (MFA).

3. Regular updates and safe configuration, by constantly updating systems and applying the latest security updates, along with proper RDP security configuration.

Further measures are changing the port used for RDP access, defining a permission structure in Active Directory (AD), and limiting user permissions so that, if the system is compromised, there is no direct access to the administration of the IT environment.
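The encryption, authentication and port measures above can be checked against a server's RDP listener settings. The following is an added example, not part of the original article or of any Pandora product: it parses the text printed by the Windows `reg query` command for the RDP-Tcp listener key and reports values weaker than those measures. The sample output is constructed, the function names are hypothetical, and firewall policy, MFA and patch level are outside what these registry values show.

```python
import re

# Constructed sample of `reg query` output for the RDP listener key (not a real host).
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
    MinEncryptionLevel    REG_DWORD    0x2
    PortNumber    REG_DWORD    0xd3d
    SecurityLayer    REG_DWORD    0x1
    UserAuthentication    REG_DWORD    0x0
"""

VALUE_LINE = re.compile(r"^\s+(\w+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$")

def parse_reg_query(text):
    """Return {value name: int} for every REG_DWORD line in `reg query` output."""
    values = {}
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            values[m.group(1)] = int(m.group(2), 16)
    return values

def audit_rdp_listener(values):
    """Return one finding per setting that is missing or weaker than expected."""
    checks = [
        ("UserAuthentication", lambda v: v == 1,
         "Network Level Authentication is not required"),
        ("SecurityLayer", lambda v: v == 2,
         "TLS is not enforced (0 = RDP security layer, 1 = negotiate)"),
        ("MinEncryptionLevel", lambda v: v >= 3,
         "encryption level is below High (3) or FIPS (4)"),
        ("PortNumber", lambda v: v != 3389,
         "listener still uses the default port 3389"),
    ]
    findings = []
    for name, ok, message in checks:
        value = values.get(name)
        if value is None:
            # A missing value is reported: the effective setting is unproven.
            findings.append(f"{name}: not set")
        elif not ok(value):
            findings.append(f"{name}={value}: {message}")
    return findings
```

Run against the constructed sample, `audit_rdp_listener(parse_reg_query(SAMPLE_REG_QUERY))` returns four findings; a listener with NLA required, TLS enforced, High encryption and a non-default port returns none.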

Summarizing

While RDP is a tool for remote connectivity and system administration, its use entails significant risks that should be approached with caution. Adequate security measures must be implemented and cybersecurity awareness must be fostered in order to use RDP safely and efficiently, ensuring system integrity and the protection of sensitive information.

However, there are open-source alternatives to RDP (proprietary technology developed by Microsoft), such as Virtual Network Computing (VNC), a graphical desktop-sharing system that uses the Remote Frame Buffer (RFB) protocol to remotely control another computer. VNC transmits keyboard and mouse input from one computer to another and relays graphical display updates over a network.

VNC is cross-platform and available for a wide variety of operating systems, including Windows, macOS, and various Linux distributions. Besides not tying you to the Windows ecosystem, its versatility comes from being open source, which provides transparency and control over its internal functioning and makes auditing and customization easier.

As for RFB, this is a remote access protocol to graphical user interfaces. It works at the frame-buffer level, which roughly corresponds to the display of the screen image, meaning it can be applied to all window systems (including X11, Mac® OS, and Microsoft® Windows®).

Now, how does VNC differ from RDP? Although both work with a client-server structure, using VNC involves installing the server (the equipment to be controlled) and the client (the equipment from which the connection is made), since it is not a native system technology. The server listens for client connection requests on port 5900 by default.

Both VNC and RDP, although they can be used outside the local network where they are deployed, are intended as tools for use within the infrastructure where they are deployed; configuring them for external use is a security risk.

Now let’s talk about what’s important:

Pandora RC provides full integration with Pandora FMS, through which you monitor the equipment you will connect to. When Pandora FMS notifies you of a malfunction, you can respond through Pandora RC almost immediately, without needing several tools to resolve the incident. Simply by clicking on the Pandora RC icon, the agent will be interacting with the affected computer.
