The Microsoft Remote Desktop Protocol (RDP) provides remote display and input capabilities over network connections for Windows-based applications running on a server. RDP is designed to support different types of network topologies and multiple LAN protocols.
Note
This topic is for software developers. If you are looking for user information for Remote Desktop, see Windows Support. If you are looking for IT professional information for Remote Desktop, see Remote Desktop Services on TechNet.
Basic Architecture
RDP is based on, and an extension of, the ITU T.120 family of protocols. RDP is a multiple-channel capable protocol that allows for separate virtual channels for carrying device communication and presentation data from the server, as well as encrypted client mouse and keyboard data. RDP provides an extensible base and supports up to 64,000 separate channels for data transmission and provisions for multipoint transmission.
On the server, RDP uses its own video driver to render display output by constructing the rendering information into network packets by using RDP protocol and sending them over the network to the client. On the client, RDP receives rendering data and interprets the packets into corresponding Microsoft Windows graphics device interface (GDI) API calls. For the input path, client mouse and keyboard events are redirected from the client to the server. On the server, RDP uses its own keyboard and mouse driver to receive these keyboard and mouse events.
In a Remote Desktop session, all environment variables—for example, variables determining color depth and wallpaper enabling and disabling—are determined by the RCP-Tcp connection settings. This applies to all functions and methods that set environment variables in the Remote Desktop Web Connection Reference and the Remote Desktop Services WMI Provider interface.
Features
Microsoft RDP includes the following features and capabilities:
Encryption
RDP uses RSA Security's RC4 cipher, a stream cipher designed to efficiently encrypt small amounts of data. RC4 is designed for secure communications over networks. Administrators can choose to encrypt data by using a 56- or 128-bit key.
Bandwidth reduction features
RDP supports various mechanisms to reduce the amount of data transmitted over a network connection. Mechanisms include data compression, persistent caching of bitmaps, and caching of glyphs and fragments in RAM. The persistent bitmap cache can provide a substantial improvement in performance over low-bandwidth connections, especially when running applications that make extensive use of large bitmaps.
A user can manually disconnect from a remote desktop session without logging off. The user is automatically reconnected to their disconnected session when he or she logs back onto the system, either from the same device or a different device. When a user's session is unexpectedly terminated by a network or client failure, the user is disconnected but not logged off.
Clipboard mapping
Users can delete, copy, and paste text and graphics between applications running on the local computer and those running in a remote desktop session, and between sessions.
Print redirection
Applications running within a remote desktop session can print to a printer attached to the client device.
Virtual channels
By using RDP virtual channel architecture, existing applications can be augmented and new applications can be developed to add features that require communications between the client device and an application running in a remote desktop session.
Remote control
Computer support staff can view and control a remote desktop session. Sharing input and display graphics between two remote desktop sessions gives a support person the ability to diagnose and resolve problems remotely.
Network load balancing
RDP takes advantage of network load balancing (NLB), where available.
In addition, RDP contains the following features:
Support for 24-bit color.
Improved performance over low-speed dial-up connections through reduced bandwidth.
Smart Card authentication through Remote Desktop Services.
Keyboard hooking. The ability to direct special Windows key combinations, in full-screen mode, to the local computer or to a remote computer.
Sound, drive, port, and network printer redirection. Sounds that occur on the remote computer can be heard on the client computer running the RDC client, and local client drives will be visible to the remote desktop session.
This is done through the use of stolen credentials or brute forcing weak user credentials. Once an initial foothold is accomplished using RDP, threat actors will move undetected in your environment and deploy malware. This often leads to ransomware infections.
Remote Desktop Protocol (RDP), a secure network communication protocol offered by Microsoft, allows users to execute remote operations on other computers. It facilitates secure information exchange between remotely connected machines over an encrypted communication channel. How secure is Windows RDP?
From the Start menu, search for the Settings app and open it. Select Apps, then select Installed apps. Find or search for Remote Desktop Connection, select the three dots to the right-hand side, then select Uninstall. Confirm you want to uninstall the app by selecting Uninstall.
The ERR_SSL_PROTOCOL_ERROR message often appears due to expired or misconfigured SSL certificates, incorrect date and time settings, outdated browser or OS, mixed content issues, or antivirus or firewall software interference.
Cybercriminals can use RDP's services to elevate privileges, harvest credentials, move laterally to other computers in the same organization, install backdoors to your network, set up fake user accounts, and misdirect your organization's attempts at discovering malicious activity.
For whatever reason (perhaps the admin slacked on patching), the server is secretly infected with malware. Once the user's offsite computer connects to the infected onsite server, the attacker gains access to the offsite computer by traversing the RDP connection.
These are the most important vulnerabilities in RDP: Weak user sign-in credentials. Most desktop computers are protected by a password, and users can typically make this password whatever they want. The problem is that the same password is often used for RDP remote logins as well.
The desktop of the device they are accessing remotely is displayed on the device they are using to connect to it. For this reason, RDP is primarily used by network administrators to access remote users' devices so they can diagnose and resolve users' issues.
Open the "Control Panel" in Windows 10 and click on "System and Security." Click "Allow remote access" in the "System" section. Go to the "Remote" tab. Uncheck the "Allow Remote Assistance connection to this computer" option under the "Remote Assistance" section.
If not coming right back to the session, log off. Disconnected sessions and their applications use up resources on the server that would be better used for active sessions.
The session on the Remote Desktop server does not transition to a disconnected state. Instead, it remains active even though the client is physically disconnected from the Remote Desktop server.
People use remote desktop software for several reasons: To support remote employees with troubleshooting, fixing issues, and remote desktop configuration. To offer technical support to customers, wherever they happen to be. To remote connect to a work computer to access files or use systems while at home or on the go.
For example, if you are getting a TCP/IP error, you can try to reset your TCP/IP stack by using the command netsh int ip reset . If you are getting a HTTP error, you can try to clear your browser cache, cookies, and history, or use a different browser or device.
Code 112F stands for loss of combustion. This code means the ard lit but went out. Most often this is caused by a bad ard head or clogged ard head fittings.
When making an RDP connection with or without TruGrid, one can receive the error message "Protocol Error code:0x112f" or "Protocol Error code:0x112d". This error can sometimes be caused by a display driver problem at the remote computer.
Introduction: My name is Nathanael Baumbach, I am a fantastic, nice, victorious, brave, healthy, cute, glorious person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.
