Securing Windows Remote Desktop

Just a quick list of pointers to help you secure RDP today...

For a while now, I've been using Windows Live Mesh to connect to my home PC's from remote locations. This method was really simple and didn't require any firewall changes on my router. Unfortunately SkyDrive, Live Mesh's successor, does not include this feature so I'll need to use RDP or another service such as LogMeIn.com. LogMeIn is a great service, so I'd recommend using this (even MS is recommending it!)

But for those of you that prefer/need to use RDP, here's a few tips for increasing security:

Change RDP TCP port (done in the registry)

Consider implementing an SSH tunnel

Update account password to strong as possible

rename admin account to non-standard name

disable all other accounts for RDP

If possible, restrict RDP client IP range in router or other firewall

Enable windows firewall for extra protection

Checklist After Configuring
Can other ips can connect?

Can accounts other than the desired one connect?

Further Reading
http://theillustratednetwork.mvps.org/Ssh/RemoteDesktopSSH.html

http://revision3.com/hak5/HackingRDP