Remote desktop connection security
This webpage from microsoft says that a virus can be introduced on the local computer by the remote computer when connected via RDP: http://windows.microsoft.com/en-PK/windows7/What-are-the-risks-of-running-a-Remote-Desktop-Protocol-rdp-file My question is whether the reverse is also possible: can a virus be introduced from the local computer to the remote computer while connected via RDP? Thanks!
May 27th, 2012 6:13pm

Whenever you share resources, then there is a potencial to virus/malware transfer. Lower the chance for viruses to get into by using effective antivirus program and current AV database. M.
Free Windows Admin Tool Kit Click here and download it now
May 28th, 2012 5:46am

While true, that article is overly catastrophic about the consequences of a simple Terminal Server session. The major risk actually comes from sharing your drives to the server as Milos said. Doing so, more or less, amounts to plug your HD/CD/USB/whatever directly on the server so that machine has access too. But that don't implies automagically that your PC will be infected of anything. The worst it can do is that, if a virus is wreaking havoc in the server, it may decide to delete some files on your shares too (which is relative unlikely today) or to spread copies of itself to your HD. Your antivirus cannot do anything about the deletion, but it will catch a virus copying and will act against it. Even if not, for a virus to be harmful it must be RUN, and that cannot happen while in the remote session, unless you make a mistake. The reverse is NOT possible though, even is your PC is infected, since it will NEVER see directly the server hard disk, a virus cannot do anything on it. Note that the former menace is totally neutralized if you do NOT share your drives with the server. There is a greater and more likely risk totally unmentioned. The RDP protocol itself is not great in terms of network security, and it may be cracked if someone really wants to. Specially over internet, it poses some risk to open such a channel, if it ever becomes cracked, anyone can have access to the server. Not a sure thing, but not to overlook if you're paranoid with security.
May 28th, 2012 7:40pm

Hi, Generally, the system always stays with the risk of being infected with the virus while it is connecting to the Internet. To reduce the risk, we should scan for virus regularly and do not access the untrusted websites.Kim Zhou TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
May 29th, 2012 4:31am

Alejandro, thanks a lot for the comprehensive response. In your second paragraph, it seems that you are saying that it isn't possible for the PC to infect the remote server through RDP without a drive mapping. I am far from an expert on viruses, but I wonder what gives you so much confidence? I think a virus on the PC could be waiting for an open RDP connection to the server and then either copy itself to the server through the RDP protocol (is sharing drives mandatory for all copying to occur?) OR it could initiate commands to open an internet connection from the server to a virus hosting website and initiate commands to the website to download viruses to the server. At a minimum, a virus could perform any mouse and keyboard commands of a user and a user could certainly accidentally infect the server accidentally on his own. Consequently, it seems possible for a virus to infect the server via the PC. Is my reasoning wrong?
June 1st, 2012 12:22pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics