My question was asked by another user a couple years ago but never really answered. http://social.technet.microsoft.com/Forums/en-US/itproxpsp/thread/19e292bb-28af-455a-8240-88c543856e97
Assume I am an MSP that manages 1000's of client servers via RDP sessions and authenticating using a one-way domain trust back to our AD. If, for whatever reason be it legit or malicious, a client's server has a keylogger installed locally:
1) Could the RDP sessions potentially be compromised? If so, in what way?
2) Would the Windows GINA prevent the keylogger from capturing our AD credentials?
3) Would it matter if the credentials were passed through the MSTSC (saved) as opposed directly typed out after the session was established?
4) Would it matter if the keylogger were hardware versus software?
5) Would the target OS version matter (2003-2012)?
Thank you for any insight. Also, please provide any reference material that might help explain your answer.
Blitz