RDP (Remote Desktop Protocol) is a network communications protocol developed by Microsoft that allows users to connect remotely to another computer. It is an extension of the T.120 family of protocols, which are standards of the ITU (International Telecommunication Union).
We’ll start with a technical explanation of how RDP works. For basic information about RDP, as well as a discussion of typical RDP uses, see “The Simplified RDP Story” below.
RDP provides a graphical interface for remotely connecting one computer to another. To use RDP, the user originating the RDP connection request must be using a computer that is running RDP client software. The computer that is being accessed must be running RDP server software, which allows the client to connect remotely. Once connected, the user originating the request will be able to see the desktop of the computer to which they are connecting through RDP.
Currently, some version of RDP is available for all common operating systems, including Windows, Linux, Unix, Mac, iOS, Android, and others.
The most broadly known RDP client software is the one provided by Microsoft, which is currently called “Remote Desktop Connection”. Previously, it was called the “Terminal Services Client”, so older resources on the subject may refer to “Terminal Services” instead of RDP.
All current Windows operating systems, including both Windows desktop and Windows server versions, come with a built-in terminal server for remote desktop connection. Many non-Microsoft RDP clients and RDP servers are available as well, including an open source client called “rdesktop”. The rdesktop client is run through the command line. There are numerous graphical user interface clients available, built on top of the functionality provided by rdesktop.
In addition to being used to access computers that are located remotely, Microsoft uses RDP in its Azure cloud-computing solution to serve virtual computers to users.
There are alternative methods to RDP, which allow the implementation of remote desktops without relying on the RDP protocol to provide desktop services; Ericom Connect is one such solution.
How RDP Works
RDP transmits screen information from the remote terminal server to the client, and keyboard and mouse inputs from the client to the remote server. Communications between the client and the terminal server are highly asymmetrical: A lot of data flows from the server to the client, and not much from the client to the server (the graphical screen information comprises much more data than do keyboard and mouse inputs).
RDP relies on additional protocols to establish the connection between the two devices and to transfer the data. It uses TPKT to enable the exchange of information units, X.224 to set up the connection, and T.125 MCS to enable multiple channels.
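The layering described above is visible in the first packet of a connection. The following Python sketch is an added example, not code from the original page: it decodes the TPKT and X.224 headers of a Connection Request and, going slightly beyond the text, reads the RDP negotiation request (field layout per MS-RDPBCGR) to show whether the client asked for TLS/NLA or only legacy Standard RDP Security. The `build_cr` helper, the sample packets and the `demo` cookie are constructed for illustration.

```python
import struct

# requestedProtocols bits of the RDP negotiation request (MS-RDPBCGR)
PROTOCOLS = {0x1: "TLS", 0x2: "CredSSP (NLA)", 0x4: "RDSTLS", 0x8: "CredSSP-EX"}
X224_TYPES = {0xE0: "Connection Request", 0xD0: "Connection Confirm", 0xF0: "Data"}
LEGACY = ["Standard RDP Security"]

def parse_rdp_packet(data: bytes) -> dict:
    """Decode the TPKT and X.224 headers of one captured RDP packet."""
    if len(data) < 7:
        raise ValueError("too short for TPKT + X.224 headers")
    version, _reserved, length = struct.unpack(">BBH", data[:4])
    if version != 3:
        raise ValueError(f"not TPKT (version byte {version})")
    if length != len(data):
        raise ValueError("TPKT length does not match the captured bytes")
    li, code = data[4], data[5] & 0xF0   # X.224 length indicator, TPDU type
    if 5 + li > length:
        raise ValueError("X.224 length indicator runs past the TPKT payload")
    out = {"x224_type": X224_TYPES.get(code, hex(code)), "cookie": None, "requested": None}
    if code != 0xE0:
        return out   # Data TPDUs carry T.125 MCS, which is not decoded here
    # Connection Request: LI, type, DST-REF(2), SRC-REF(2), class = 7 bytes,
    # then an optional cookie line and an optional 8-byte negotiation request.
    variable = data[11:5 + li]
    if variable.startswith(b"Cookie:") and b"\r\n" in variable:
        cookie, _, variable = variable.partition(b"\r\n")
        out["cookie"] = cookie.decode("ascii", "replace")
    out["requested"] = LEGACY   # no negotiation request means a legacy client
    if len(variable) >= 8 and variable[0] == 0x01:
        _type, _flags, neg_len, mask = struct.unpack("<BBHI", variable[:8])
        if neg_len != 8:
            raise ValueError("malformed negotiation request")
        out["requested"] = [n for bit, n in PROTOCOLS.items() if mask & bit] or LEGACY
    return out

def build_cr(variable: bytes) -> bytes:
    """Build a constructed Connection Request for the samples below."""
    x224 = bytes([6 + len(variable), 0xE0, 0, 0, 0, 0, 0]) + variable
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

# Constructed sample packets (not captured traffic).
COOKIE = b"Cookie: mstshash=demo\r\n"
SAMPLE_NLA = build_cr(COOKIE + struct.pack("<BBHI", 1, 0, 8, 0x3))
SAMPLE_LEGACY = build_cr(COOKIE)

if __name__ == "__main__":
    for name, pkt in (("nla", SAMPLE_NLA), ("legacy", SAMPLE_LEGACY)):
        print(name, parse_rdp_packet(pkt))
```

A client that sends no negotiation request, or one with no protocol bits set, is asking for legacy Standard RDP Security, which is worth flagging when reviewing captures.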
Some key features of RDP include:
- 128-bit encryption
- 32-bit color support
- Audio, file system, printer, and port redirection to allow users to connect to local resources from within a terminal session
- Support for a number of different network topologies
RDP has many known security issues. Because the protocol is used in Microsoft’s cloud computing solution, hackers are especially interested in finding and exploiting its vulnerabilities. As with any software, it’s important to keep RDP updated to the latest version. Here are some of the major known vulnerabilities in earlier RDP versions:
- In May 2019 a patch was released to fix a major vulnerability known as “BlueKeep” which allowed for the possibility of remote code execution. According to Microsoft, the vulnerability was “wormable,” meaning it could be self-propagating, which could cause widespread problems.
- Version 6.1 can reveal all the usernames and pictures of users on RDP servers.
- In March 2012 a vulnerability that was fixed with a critical security update could have allowed computers to be compromised by worms and unauthenticated clients.
- Version 5.2 is vulnerable to “man-in-the-middle” attacks, where a hacker can eavesdrop on sessions, or hijack sessions.
Security experts recommend the following precautions for keeping RDP secure:
- Follow strong password protocols, enable multi-factor authentication, and put in place lock-out policies to block brute force attacks.
- Put RDP ports behind a firewall so that they can only be accessed using a VPN.
- Don't allow RDP to be used for administrator accounts.
- Specific trusted hosts should be whitelisted.
- When you are not using RDP, secure the ports it uses.
- Enable automatic updates for the client/server software you are using so that you can be sure you always have the latest version, in which known security vulnerabilities are fixed.
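Lock-out policies limit brute force attempts, and the same attempts can also be detected from logs. The following Python sketch is an added example, not part of the original page: it applies a sliding window to failed-logon records shaped like Windows Security event 4625. The threshold of 5 failures in 10 minutes, the helper names and the sample events are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# 10 = RemoteInteractive; with NLA enabled, failed RDP logons are logged as 3 (Network).
# Type 3 also covers other network logons such as SMB, so corroborate before acting.
RDP_LOGON_TYPES = (3, 10)
LOCAL = ("-", "127.0.0.1", "::1")

def find_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Return {source IP: {"failures", "users"}} for bursts of failed remote logons."""
    recent = defaultdict(deque)          # source IP -> failures still inside the window
    alerts = {}
    for ev in sorted(events, key=lambda e: e["TimeCreated"]):
        if ev["EventID"] != 4625 or ev["LogonType"] not in RDP_LOGON_TYPES:
            continue                     # keep failed remote logons only
        ip = ev["IpAddress"]
        if ip in LOCAL:
            continue
        q = recent[ip]
        q.append(ev)
        while ev["TimeCreated"] - q[0]["TimeCreated"] > window:
            q.popleft()                  # expire failures older than the window
        if len(q) >= threshold:
            hit = alerts.setdefault(ip, {"failures": 0, "users": set()})
            hit["failures"] = max(hit["failures"], len(q))
            hit["users"] |= {e["TargetUserName"] for e in q}
    return alerts

def failed(ts, ip, user, logon_type=3):
    """Build one constructed record using the field names of event 4625."""
    return {"EventID": 4625, "TimeCreated": ts, "IpAddress": ip,
            "TargetUserName": user, "LogonType": logon_type}

# Constructed sample data (documentation IP ranges), not real logs.
T0 = datetime(2024, 1, 1, 3, 0, 0)
GUESSES = ["administrator", "admin", "admin", "backup", "admin", "administrator"]
EVENTS = (
    [failed(T0 + timedelta(seconds=20 * i), "203.0.113.7", u) for i, u in enumerate(GUESSES)]
    + [failed(T0 + timedelta(minutes=m), "198.51.100.20", "alice", 10) for m in (0, 30)]
    + [failed(T0, "203.0.113.9", "bob", 2)] * 6      # console logons: ignored
)

if __name__ == "__main__":
    for ip, hit in find_bruteforce(EVENTS).items():
        print(ip, hit["failures"], sorted(hit["users"]))
```

Set the detection threshold at or below the account lock-out threshold so that an alert fires before, or together with, the lock-out.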
The Simplified RDP Story
With client software that uses RDP, one can connect to any computer that runs Windows or another compatible operating system. For instance, if you want to access your PC from a laptop or other device, you can connect to the remote PC using RDP, view the content on the remote display, and interact as if you are working locally on that machine.
Examples of RDP uses
When you travel for business or go on vacation, sometimes you will need access to your workplace computer. Using Remote Desktop Protocol makes it very easy for you to work from anywhere in the world.
Working from home?
Working from home is a common occurrence, and there are many reasons that could prevent you from going into the office. However, you still need to fulfill your daily tasks. With RDP, you can access your office computer from the comfort of your home.
Are you a system admin?
Remote Desktop Protocol allows you to perform administrative tasks such as PC tune up, computer troubleshooting, ID protection settings, software installation, printer set-up, and email set-up, as well as virus and spyware removal. Using RDP, software technicians and technical support agents can provide maintenance for a computer from afar.
Need to give a demo?
You can easily use Remote Desktop Protocol for demonstrations of processes or software applications that are usually accessible only from your office. With RDP you can access the data from any private device. This means you can prepare the demonstration on your office computer, and display it on another device elsewhere, such as in a conference room, or in a client’s offices.
Want to personalize your remote desktop?
You can customize many elements in order to create a personalized remote desktop experience. Customizable elements include resolution, screen settings, connection settings, the start menu, toolbar, desktop icons, and more.
Need more computing power?
With RDP you can access a powerful workstation in the office using a much less capable machine from home, or on the road.