I just read through “Technical Analysis: Security Considerations for rdesktop and Windows Terminal Services” at Technet. Nothing too big here. The security issues of rdesktop are no different than that of Microsoft’s mstsc.exe client.
However, the paper did leave me with a few questions:
1. There is a not that rdesktop supports an -E option which prevents encryption of the login packet, which could potentially expose a password. Let us ignore the client for now. Why does RDP even support this?
2. Why doesn’t RDP, the protocol, support Kerberos? That is something I have never been able to understand. If it did, then you would get automatic logics from a client to server, regardless of whether you were using mstsc.exe or rdesktop, assuming you had your Windows desktop as part of AD or setup Kerberos between your Linux/UNIX workstation and AD (which is quite doable).
The author, Chris Travers, makes note of the fact that RDP was built around the OSI model instead of TCP/IP, thus it approaches things differently (e.g., not supporting Kerberos). I just do not follow this logic. Kerberos support can be added. What is taking so long?