1.6. Remote Desktop

Disable Remote Desktop

Remote desktop is easily exploited and should never be enabled.

GPO

Computer Configuration › Administrative Templates › Windows Components › Remote Desktop Services › Remote Desktop Session Host › Connections › Allow users to connect remotely by using Remote Desktop Services

DISABLED

Updated: 2021-02-19 Reference

GPO

Computer Configuration › Administrative Templates › Windows Components › Remote Desktop Services › Remote Desktop Session Host › Security › Require user authentication for remote connections by using network level authentication

ENABLED

Updated: 2021-02-19 Reference

Regedit

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

fDenyTSConnections

DWORD

1

Updated: 2021-02-19 Reference

Regedit

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

UserAuthentication

DWORD

1

Updated: 2021-02-19 Reference