Remote Desktop Protocol

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to another computer. The protocol is an extension of the ITU-T T.128 application sharing protocol. Clients exist for most versions of Microsoft Windows (including Windows Mobile), Linux, Unix, Mac OS X, Android, and other modern operating systems. By default the server listens on TCP port 3389.

Microsoft currently refers to their official RDP server software as Remote Desktop Services, formerly "Terminal Services". Their official client software is currently referred to as Remote Desktop Connection, formerly "Terminal Services Client".

History

Every Windows version beginning with Windows XP (excluding 'Home' edition) includes an installed Remote Desktop Connection (RDC) ("Terminal Services") client (mstsc.exe) whose version is determined by that of the operating system or last applied Windows Service Pack. The Terminal Services server is supported as an official feature on Windows NT 4.0 Terminal Server Edition, Windows 2000 Server, all editions of Windows XP except Windows XP Home Edition, Windows Server 2003, Windows Home Server, Windows Fundamentals for Legacy PCs, the Ultimate, Enterprise and Business editions of Windows Vista, Windows Server 2008 and Windows Server 2008 R2, and Windows 7 Professional and above.

Microsoft provides the client required for connecting to newer RDP versions on downlevel operating systems. Because the server-side improvements are not made available downlevel, the features introduced with each newer RDP version are only available on a downlevel operating system when it connects as a client to a higher-version RDP server, not when the downlevel operating system acts as the RDP server.

Version 4.0

Based on the ITU-T T.128 application sharing protocol (during draft also known as "T.share") from the T.120 recommendation series, the first version of RDP (named version 4.0) was introduced by Microsoft with "Terminal Services", as a part of their product Windows NT 4.0 Server, Terminal Server Edition. The Terminal Server Edition of NT 4.0 relied on Citrix's MultiWin technology, previously provided as a part of Citrix WinFrame atop Windows NT 3.51, in order to support multiple users and login sessions simultaneously. Microsoft required Citrix to license their MultiWin technology to Microsoft in order to be allowed to continue offering their own terminal services product, then named Citrix MetaFrame, atop Windows NT 4.0. The Citrix-provided DLLs included in Windows NT 4.0 Terminal Server Edition still carry a Citrix copyright rather than a Microsoft copyright. Later versions of Windows integrated the necessary support directly.

Version 5.0

Version 5.0, introduced with Windows 2000 Server, added support for a number of features, including printing to local printers, and aimed to improve network bandwidth usage.

Version 5.1

Version 5.1, introduced with Windows XP Professional, included support for 24-bit color and sound. The client is available for Windows 2000, Windows 9x and Windows NT 4.0. With this version, the name of the client was changed from Terminal Services Client to Remote Desktop Connection.

Version 5.2

Version 5.2, introduced with Windows Server 2003, included support for console mode connections, a session directory, and local resource mapping. It also introduced Transport Layer Security (TLS) 1.0 for server authentication and for encrypting terminal server communications. This version is built into Windows XP Professional x64 Edition and the Windows Server 2003 x64 and x86 Editions.

Version 6.0

Version 6.0 was introduced with Windows Vista and incorporated support for Windows Presentation Foundation applications, Network Level Authentication, multi-monitor spanning and large desktop support, and support for TLS 1.0 connections. The Version 6.0 client is available for Windows XP SP2, Windows Server 2003 SP1/SP2 (x86 and x64 editions) and Windows XP Professional x64 Edition. Microsoft Remote Desktop Connection Client for Mac OS X is also available, with support for Intel and PowerPC Macs running Mac OS X 10.4.9 and greater.

Version 6.1

Version 6.1 was released in February 2008 and is included with Windows Server 2008, as well as with Windows Vista Service Pack 1. The client is included with Windows XP Service Pack 3. It is also installable through KB952155 for Windows XP SP2. In addition to changes related to how a remote administrator connects to the "console", this version incorporates new functionality introduced in Windows Server 2008, such as connecting remotely to individual programs and a new Terminal Services Easy Print driver, a new client-side printer redirection system that makes the client's full print capabilities available to applications running on the server without having to install print drivers on the server.

Version 7.0

Version 7.0 was released to manufacturing in July 2009 and is included with Windows Server 2008 R2, as well as with Windows 7. With this release, the server name was also changed from Terminal Services to Remote Desktop Services. This version incorporates new functionality such as Windows Media Player redirection, bidirectional audio, true multi-monitor support, Aero glass support, enhanced bitmap acceleration (which improves user experience over high-latency network connections), Easy Print redirection, and Language Bar docking. The RDP 7.0 client is available on Windows XP SP3 and Windows Vista SP1/SP2. The RDP 6.1 and RDP 7.0 clients are not supported on Windows Server 2003 x86 and Windows Server 2003 / Windows XP Professional x64 editions. RDP 7.0 clients also do not support connecting to terminal servers running Windows 2000 Server.

Most RDP 7.0 features, like Aero glass remoting, bidirectional audio, Windows Media Player redirection, true multiple monitor support and Remote Desktop Easy Print, are only available in the Windows 7 Enterprise or Ultimate editions.

Version 7.1

This version appeared in Windows 7 SP1 and Windows Server 2008 R2 SP1. It adds RemoteFX functionality.

Features

  • 32-bit color support. 8-, 15-, 16-, and 24-bit color are also supported.
  • 128-bit encryption, using the RC4 encryption algorithm, as of Version 6.
  • Audio Redirection allows users to run an audio program on the remote desktop and have the sound redirected to their local computer.
  • File System Redirection allows users to use their local files on a remote desktop within the terminal session.
  • Printer Redirection allows users to use their local printer within the terminal session as they would with a locally or network shared printer.
  • Port Redirection allows applications running within the terminal session to access local serial and parallel ports directly.
  • The clipboard can be shared between the remote computer and the local computer.
  • Seamless Windows: Remote applications can run on a client machine that is served by a Remote Desktop connection. This uses the virtual channel mechanism and has been available since RDP 5.
  • RemoteFX: provides virtualized GPU support and host-side encoding; shipped as part of Windows Server 2008 R2 SP1.


The following features were introduced with the release of RDP 6.0 in 2006:
  • Remote Programs: Application publishing with client-side file type associations.
  • Terminal Services Gateway: allows a front-end IIS server to accept connections (over port 443) for back-end Terminal Services servers via an HTTPS connection, similar to how RPC over HTTPS allows Outlook clients to connect to a back-end Exchange 2003 server. Requires Windows Server 2008.
  • Network Level Authentication.
  • Support for remoting the Aero Glass Theme (or Composed Desktop), including ClearType font smoothing technology.
  • Support for remoting of Windows Presentation Foundation applications: Compatible clients that have .NET Framework 3.0 support will be able to display full Windows Presentation Foundation effects on a local machine.
  • Rewrite of device redirection to be more general-purpose, allowing a greater variety of devices to be accessed.
  • Fully configurable and scriptable via Windows Management Instrumentation.
  • Improved bandwidth tuning for RDP clients.
  • Support for Transport Layer Security (TLS) 1.0 on both server and client ends (can be negotiated if both parties agree, but is not mandatory in a default configuration of any version of Windows).
  • Multiple monitor support, allowing one session to use multiple monitors on the client (disables desktop composition).

Security issues

RDP in its default configuration is vulnerable to a man-in-the-middle attack. Administrators can enable transport layer encryption to mitigate this risk. RDP sessions are also susceptible to in-memory credential harvesting, which can be used to launch pass-the-hash attacks.
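As an added illustration of the TLS negotiation mentioned in the Features list ("can be negotiated if both parties agree") and of the default-configuration risk described above, the following Python is example code written for this page, not code from the original article or from Microsoft: it builds the RDP security-protocol negotiation request that rides in the X.224 Connection Request, parses the server's Connection Confirm (following the MS-RDPBCGR layout), and classifies the posture the reply reveals. The three server replies are constructed sample bytes; nothing is sent over the network.

```python
"""Decode the RDP security-protocol negotiation in the X.224 handshake (MS-RDPBCGR).
The client's Connection Request carries an RDP_NEG_REQ naming the security protocols
it supports; the server's Connection Confirm answers with RDP_NEG_RSP (selected
protocol), RDP_NEG_FAILURE, or no block at all on legacy standard-RDP-security servers."""
import struct

PROTOCOL_RDP = 0x00000000        # standard RDP security: RC4, no server certificate
PROTOCOL_SSL = 0x00000001        # TLS
PROTOCOL_HYBRID = 0x00000002     # CredSSP: TLS plus Network Level Authentication
PROTOCOL_HYBRID_EX = 0x00000008  # CredSSP with early user authorization result
TYPE_RDP_NEG_RSP, TYPE_RDP_NEG_FAILURE = 0x02, 0x03
FAILURE_CODES = {1: "SSL_REQUIRED_BY_SERVER", 2: "SSL_NOT_ALLOWED_BY_SERVER",
                 3: "SSL_CERT_NOT_ON_SERVER", 4: "INCONSISTENT_FLAGS",
                 5: "HYBRID_REQUIRED_BY_SERVER", 6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER"}


def build_connection_request(requested_protocols: int) -> bytes:
    """TPKT header + X.224 Connection Request + RDP_NEG_REQ (no routing cookie)."""
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, requested_protocols)
    # X.224 CR TPDU: length indicator, 0xE0 (CR), DST-REF, SRC-REF, class 0
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0) + neg_req
    return struct.pack(">BBH", 0x03, 0x00, 4 + len(x224)) + x224


def parse_connection_confirm(data: bytes) -> dict:
    """Return the protocol the server selected, or the failure code it sent."""
    if len(data) < 11 or data[0] != 0x03:
        raise ValueError("not a TPKT-framed X.224 PDU")
    if struct.unpack(">H", data[2:4])[0] != len(data):
        raise ValueError("TPKT length does not match the data")
    length_indicator, code = data[4], data[5]
    if code & 0xF0 != 0xD0:
        raise ValueError("not an X.224 Connection Confirm")
    body = data[11:5 + length_indicator]  # bytes after the 7-byte CC header
    if not body:  # legacy server: nothing negotiated, standard RDP security only
        return {"negotiated": False, "protocol": PROTOCOL_RDP, "failure": None}
    ptype, _flags, length, value = struct.unpack("<BBHI", body[:8])
    if length != 8:
        raise ValueError("malformed RDP negotiation block")
    if ptype == TYPE_RDP_NEG_RSP:
        return {"negotiated": True, "protocol": value, "failure": None}
    if ptype == TYPE_RDP_NEG_FAILURE:
        return {"negotiated": True, "protocol": None,
                "failure": FAILURE_CODES.get(value, "UNKNOWN_%d" % value)}
    raise ValueError("unexpected negotiation type 0x%02x" % ptype)


def security_posture(reply: dict) -> str:
    """Map a decoded reply onto the risk the article describes."""
    if reply["failure"] is not None:
        return "server refused the offered protocols: " + reply["failure"]
    if reply["protocol"] & (PROTOCOL_HYBRID | PROTOCOL_HYBRID_EX):
        return "TLS with Network Level Authentication"
    if reply["protocol"] & PROTOCOL_SSL:
        return "TLS (server authenticated by certificate, no NLA)"
    return "standard RDP security only: no server authentication, MITM-exposed"


# Constructed sample Connection Confirm PDUs, not captured from a real server.
SAMPLE_LEGACY = bytes.fromhex("0300000b06d00000123400")                      # no negotiation
SAMPLE_NLA = bytes.fromhex("030000130ed00000123400" "0200080002000000")      # NEG_RSP: HYBRID
SAMPLE_REFUSED = bytes.fromhex("030000130ed00000123400" "0300080005000000")  # NEG_FAILURE: 5

if __name__ == "__main__":
    print("client offer:", build_connection_request(PROTOCOL_SSL | PROTOCOL_HYBRID).hex())
    for name, pdu in (("legacy", SAMPLE_LEGACY), ("nla", SAMPLE_NLA), ("refused", SAMPLE_REFUSED)):
        print(name, "->", security_posture(parse_connection_confirm(pdu)))
```

A server that answers with no negotiation block, or selects PROTOCOL_RDP, is running the article's default mode; one that answers HYBRID_REQUIRED_BY_SERVER is enforcing NLA over TLS.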

Non-Microsoft implementations

There are numerous non-Microsoft implementations of RDP clients and servers. The open-source command-line client rdesktop is commonly used on Linux/Unix operating systems. There are many GUI clients, like tsclient and KRDC, which are built on top of rdesktop. In 2009, rdesktop was forked as FreeRDP, a new project aiming at modularizing the code, addressing various issues, and implementing new features. The currently most popular front-end to FreeRDP is Remmina. An open-source implementation of a Remote Desktop Protocol server on Linux is xrdp. One can use Windows' Remote Desktop Connection client to connect to a server running xrdp. Feature-rich, proprietary RDP client solutions such as rdpclient are available from Wyse Technology as a stand-alone application or embedded in client hardware.

See also

  • Comparison of remote desktop software
  • Independent Computing Architecture
  • Desktop virtualization
  • SPICE (protocol)

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.