Terminal Services Doesn't Use Network Level Authentication (NLA)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.

Synopsis :

The remote Terminal Services doesn't use Network Level Authentication.

Description :

The remote Terminal Services is not configured to use Network Level
Authentication (NLA). NLA uses the Credential Security Support
Provider (CredSSP) protocol to perform strong server authentication
either through TLS/SSL or Kerberos mechanisms, which protect against
man-in-the-middle attacks. In addition to improving authentication,
NLA also helps protect the remote computer from malicious users and
software by completing user authentication before a full RDP
connection is established.

See also :


Solution :

Enable Network Level Authentication (NLA) on the remote RDP server. This is
generally done on the 'Remote' tab of the 'System' settings on Windows.

Risk factor :

Medium / CVSS Base Score : 4.3

Family: Misc.

Nessus Plugin ID: 58453 ()

Bugtraq ID: