One thing worth noting, is that NLA is a windows security construct, so other operating systems or third party tools for RDP are hit or miss on whether it's supported. Even then it only gets you as far as the windows logon screen, so it's still not a free pass, but there are some risks if you happened to encounter someone pretty malicious that knows what they're doing.
However, on an open network, it's easy to get on and sniff for IPs try and exploit.
#DESKTOP CURTAIN MOE PC#
If your PC is behind a firewall, on secured wifi, or on a VPN, a hacker would have to get into that network to be able to even try to access your machine. Now, in terms of real world security risks, I'm generally hesitant to disable it on a laptop, where I could potentially be accessing internet on an open wifi connection. That explains pretty well what NLA means.
#DESKTOP CURTAIN MOE CODE#
This would use up resources on the server, and was a potential area for denial of service attacks as well as remote code execution attacks (see BlueKeep). Originally, if a user opened an RDP (remote desktop) session to a server it would load the login screen from the server for the user. Network Level Authentication (NLA) is a feature of Remote Desktop Services (RDP Server) or Remote Desktop Connection (RDP Client) that requires the connecting user to authenticate themselves before a session is established with the server. Just came across this thread and I've had my challenges with NLA, so even though this is an older issue, I thought I'd offer an answer. What is "Network Level Authentication" ? Does it make the machine more hackable if removed?
I am not entirely sure what it means or the consequences of unchecking the box. The step calls for removing what seems to be a critical security layer around the Microsoft RDP apparatus. Enable RDP connections to the machine by unchecking Control Panel\System and Security\System > Remote settings > " AllowĬonnections only from computers running Remote Desktop with Network.Using Regedit, set HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\RemoteAccessHostRequireCurtain.In particular, I am concerned with step 2 of this process: Steps for all Windows installations: Indeed, one of them is straight from google.
#DESKTOP CURTAIN MOE HOW TO#
Via Google, there are many step-by-step instructions on how to achieve curtain mode. I found the solution called "curtain mode." It makes Chrome Remote Desktop more like MS-RDP (which only shows the login screen while you are accessing it). However, the thought that someone might be sitting in front of the client machine watching (or worse, hijacking) what I'm doing is a serious concern.
I use Chrome Remote Desktop pretty much every day.
0 kommentar(er)
