Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Sunday, September 19, 2010 8:21 AM
Dear All
i got a report from security team that i have this weakness on several servers in my domain, what i have to do here?
Thanks
All replies (4)
Sunday, September 19, 2010 9:50 AM ✅Answered
The short answer:
Mutual Authentication
Depending on your environment, there are going to be different paths in order to achieve this goal.
If your running a Win 2003 domain, this should help:
How to configure a Windows Server 2003 terminal server to use TLS for server authentication
http://support.microsoft.com/kb/895433
Or if your running a Win 2008 domain, this provides some good info:
Configuring Terminal Servers for Server Authentication to Prevent “Man in the Middle” Attacks
http://blogs.msdn.com/b/rds/archive/2008/07/21/configuring-terminal-servers-for-server-authentication-to-prevent-man-in-the-middle-attacks.aspx
Sunday, September 19, 2010 5:02 PM
> Mutual Authentication
this is not quite correct statement, because RDP don't support mutual authentication. Mutual authentication is supported by using external means, such IPsec.
Monday, September 20, 2010 1:48 AM
Thank you for the correction Vadims.
I apologize if my answer was interpreted as meaning that RPD did the actual mutual authentication as I meant that mutual authentication was a means to avoid MITM attacks.
Friday, February 27, 2015 9:39 AM | 1 vote
Hi,
I need to enable NLA with SSL on windows server 2012 R2 server, I could able enable network level authentication from remotesettings but i am not able to assign a SSL certificate to use, this i can assign it in windows server 2008 R2,
can you please provide any doc/reference for the same?
Please help me on this.
Thanks
Anil