Internal RDP vs Self-Hosted RustDesk
Hi everyone, I am looking for some guidance and real-world experiences around choosing the best approach for remote access in a Windows environment. Right now, we are considering two main options: - Continue using Microsoft Remote Desktop Protocol (RDP), but strictly for internal use only (no direct exposure to the public internet). - Deploy a self-hosted instance of RustDesk as an alternative or complement to RDP for remote access and remote support. Our main concern is security. RDP has historically been a common attack vector, especially when exposed externally or misconfigured, and we want to avoid introducing unnecessary risk to our endpoints. Even if we restrict RDP to internal networks or VPN-only access, we are still cautious about potential vulnerabilities, credential theft, lateral movement, and abuse of remote access. What we are trying to understand better is: 1. In environments where RDP is used only inside the LAN or over VPN (no open RDP from the internet), what are the recommended hardening practices and controls you would consider mandatory today? Examples might include: Network Level Authentication (NLA), strong account policies, just-in-time access, firewall restrictions, RDP Gateway, MFA, monitoring/logging, etc. 2. From a security and operational perspective, is it generally considered acceptable to keep RDP enabled only for internal administrative tasks, while avoiding using RDP for end-user remote support scenarios? 3. For those who have deployed self-hosted RustDesk (or similar remote support tools) in a Windows/Active Directory environment, how has it compared to RDP in terms of: - Security model (encryption, authentication, access control, exposure to the internet) - Ease of deployment and maintenance - User experience and performance - Logging, auditing, and integration with existing security monitoring 4. Are there any best practices or architectural patterns you would recommend when combining these approaches? For example: - Keeping RDP only on jump servers / bastion hosts inside the network - Using RustDesk (self-hosted) for remote support and helpdesk use cases - Enforcing least privilege, MFA, and strong authentication for all remote access paths - Segmentation and limiting which machines are even allowed to receive RDP connections 5. Have you encountered any specific security pitfalls, misconfigurations, or "gotchas" when relying on RDP internally or when rolling out RustDesk self-hosted that we should be aware of before committing to a design? Our goal is to design a remote access strategy that: - Minimizes attack surface and reduces the likelihood of compromise via remote access. - Separates administrative access from end-user remote support where it makes sense. - Remains manageable for a small IT/security team in terms of configuration, patching, and monitoring. If you have any references to Microsoft documentation, hardening guides, or community best practices for RDP (especially internal-only scenarios), as well as any detailed write-ups or lessons learned from using RustDesk self-hosted in production, those would be extremely helpful. Thank you in advance for any guidance, recommendations, or examples you can share. Best regards, Juan
Seeming memory leak in Win 11
Hello, For the past couple months I have been experiencing a weird issue on my windows machine. Usually around 8 or so hours after a clean reboot, task manager will start reporting 170+GB of 190GB of RAM is in use when the system is basically idle. However, when I tally the entire list of processes I can only account for 4GB in use. When I use RAMMap its the same story, I can account for 4GB and it appears windows has simply misplaced a 150GB of memory. The only other symptom I notice is when I shutdown, the shutdown process will take 40+ minutes sometimes as if some process is refusing to die. This does not occur when I shutdown while memory usage appears normal. So far I have tried: Using different web browsers and uninstalling the one I had been using. Removing pretty much every piece of software I have been using while the issue occurred. Ensured windows, firmware and drivers were properly updated.
DESIGNER only mkes 1 design not 4
I use ms ai image designer to make images and i makew ai videos ,, but for a week now it only makes 1 image not 4,, and it doesnt follow the propsat as per usual,. and it makes images in 3:2 not 16:9. I updateed my subscription for this tool and depend onm it.. SO please help me fix this
Where / How to find "Ask a question"
CAN ANYONE TELL ME how to reliably and repeatably find the Link to "Ask a question" or "Start a Discussion"! Yes, I am Starting a Discussion now ONLY because I accidentally stumbled upon a Start a discussion link. I am often wondering around in the various Community Hubs, Discussions, Screens, etc. trying to find that link - and don't laugh because I am serious, but sometimes for 30 minutes or more and sometimes finally giving up. I love the Community and the support here, but WHY is it so hard to "Ask a Question" I will post the question somewhere else when I finish here - if I can once again find the link to ask a question. And sorry to be such a pain over this and although a long-term Community participant, but this has been a lingering problem for me, going back years and years. ron in shawneeUnable to manually install KB5074109
I have an HP Laptop with version 25H2 OS build 26C200.6584 with x64 bit. I had tried to manually install KB5074109 thru the Microsoft Catalog, but getting an error message code Ox80070241. Is there a way to fix this, or should I skip it and see if I can manually install KB5077181. Thanks, By the way, what is it with these corrupted files that Microsoft is pushing out. This has been the 3rd update that I have received from them indicating the files were corrupted. Teresa
Unable to delete a directory on windows 11 - my solution
It's crazy, I couldn't delete 2 empty directories for the life of me. I tried ALL of the solutions, believe me. Hours. Redgedits, Reboots, Remove Empty Directories, too many solutions to list. I recall messages that the file wasn't found, or moved to a different locarion, and other errors that I cannot recall. Then I gave up and just for the h3ll of it, got on my android tablet, and used my file app (Luckfick File Manager} and I accessed the share that my directories that I couldn't delete on my Windows 11 machine, and I deleted them from the android app. Not trusting my eyes, I ran to the PC and lo and behold - the directories in File Explorer were gone!!!! I think that they contained a funky character " ) " (Parentheses) - Screenshot of file in Recycle Bin below. So, whatever you are using Android, or maybe APPLE, you can try this with your file app, it obviously has to have access to SMB shares and the directory must be shared SMB, and it may work. Let me know.Unable to install 2026-01 Security Update KB507419
I have a HP Laptop 3C0C5E63 11th Gen Intel (R), Core (TM) i5-113567 with 64-bit operating system... Now with version 25H2 (OS Build 26200.6584) thanks for your help with this. Now I have another issue that is not installing due to error 0x800f0983. This time it is the 2026-01 Security Update KB507419 (26200.7623). I am getting a failed to install message. Is there a work around for this one?? Thanks TeresaWindows 11 24H2/25H2 System Freeze After January 2026 Updates – Lenovo ThinkPad G2
Dear Microsoft Support Team, We would like to raise a high-priority technical support case regarding a stability issue observed after installing the January 2026 cumulative updates on our Windows 11 devices. Environment Details: Device Model: Lenovo ThinkPad G2 (multiple units) OS Versions: Windows 11 24H2 and 25H2 Update Installed: January 2026 Patch Tuesday cumulative update (KB number can be provided) Deployment Method: WSUS / Intune / Windows Update (specify accordingly) BIOS Version: (Installed Latest available from Lenovo) Issue Description: After installing the January 2026 cumulative updates, devices intermittently experience a complete system freeze. The system becomes fully unresponsive: Mouse and keyboard input stop responding No BSOD is displayed Task Manager cannot be opened System recovery is only possible via hard reboot (power button) Frequency: The issue occurs randomly, both during active use and idle state. Multiple users across our environment are impacted. Troubleshooting Performed: Reinstalled OEM-certified Lenovo display drivers Disabled Fast Startup Ran SFC and DISM health checks (no integrity violations) Updated BIOS to latest version Setting power idle mode, then work normally Request: - Please confirm whether this is a known global issue under investigation. - Advise if any hotfix, Known Issue Rollback (KIR), or registry-based mitigation is available. - Provide guidance on additional diagnostic logging required at kernel or driver level. - Confirm whether crash dump analysis is recommended for this scenario. We are prepared to provide additional diagnostic logs, memory dumps, or reproduction steps upon request. Kindly treat this as a priority case due to multi-user impact in a production environment. Thank you for your support. #Windows11, #Windows 11 24H2, Windows Update, Cumulative Update, System Freeze, Lenovo ThinkPad, Display Driver, EnterpriseUser Folder displaying wrong name and icon
I recently noticed that my personal user file is displaying the name "Pictures" and has the Pictures icon. However, when I click on the folder, everything is correct within the folder and the address bar shows the correct folder name. I've attempted to attach an image here; I had to paste several images together to create the attached image, so I know that the address bar would not actually be visible at this point, but if I click on the Pictures folder then the address bar it becomes visible. Thanks, Tom
