diff --git a/README.x86.md b/README.x86.md
index 430b5a6..79097b1 100644
--- a/README.x86.md
+++ b/README.x86.md
@@ -46,10 +46,20 @@ After=multi-user.target
 
 [Service]
 Type=simple
-ExecStart=/usr/bin/x11vnc -display :0 -auth guess -forever -loop -noxdamage -repeat -rfbauth /etc/x11vnc.pass -rfbport 5900 -shared
+ExecStart=/usr/bin/x11vnc -display :0 -forever -localhost -loop -noxdamage -repeat -rfbauth /etc/x11vnc.pass -rfbport 5900 -shared
 
 [Install]
 WantedBy=multi-user.target
 EOF
 sudo systemctl enable x11vnc.service
+
+#für RDP kann noch xrdp nach installiert und eingerichtet werden.
+#VNC ist aktuell nur über 127.0.0.1 erreichbar
+
+sudo apt install xrdp 
+sudo systemctl enable xrdp
+
+#dann die xrdp.ini entsprechend anpassen -> einfach unter /etc/xrdp/xrdp.ini schauen
+
+sudo systemctl restart xrdp
 ```
diff --git a/etc/systemd/system/x11vnc.service b/etc/systemd/system/x11vnc.service
new file mode 100644
index 0000000..4453f2f
--- /dev/null
+++ b/etc/systemd/system/x11vnc.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Start X11VNC
+After=multi-user.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/x11vnc -xkb -noxrecord -noxfixes -noxdamage -display :0 -localhost -forever -loop -repeat -rfbauth /etc/x11vnc.pass -rfbport 5900 -noipv6 -shared
+ExecStop=/usr/bin/killall x11vnc
+Restart=on-failure
+Restart-sec=2
+
+[Install]
+WantedBy=multi-user.target
diff --git a/etc/xrdp/xrdp.ini b/etc/xrdp/xrdp.ini
new file mode 100644
index 0000000..4a34d91
--- /dev/null
+++ b/etc/xrdp/xrdp.ini
@@ -0,0 +1,201 @@
+[Globals]
+; xrdp.ini file version number
+ini_version=1
+
+; fork a new process for each incoming connection
+fork=true
+; tcp port to listen
+port=3389
+; 'port' above should be connected to with vsock instead of tcp
+use_vsock=false
+; regulate if the listening socket use socket option tcp_nodelay
+; no buffering will be performed in the TCP stack
+tcp_nodelay=true
+; regulate if the listening socket use socket option keepalive
+; if the network connection disappear without close messages the connection will be closed
+tcp_keepalive=true
+#tcp_send_buffer_bytes=32768
+#tcp_recv_buffer_bytes=32768
+
+; security layer can be 'tls', 'rdp' or 'negotiate'
+; for client compatible layer
+security_layer=negotiate
+; minimum security level allowed for client
+; can be 'none', 'low', 'medium', 'high', 'fips'
+crypt_level=high
+; X.509 certificate and private key
+; openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
+certificate=
+key_file=
+; set SSL protocols
+; can be comma separated list of 'SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2', 'TLSv1.3'
+ssl_protocols=TLSv1.2, TLSv1.3
+; set TLS cipher suites
+#tls_ciphers=HIGH
+
+; Section name to use for automatic login if the client sends username
+; and password. If empty, the domain name sent by the client is used.
+; If empty and no domain name is given, the first suitable section in
+; this file will be used.
+autorun=
+
+allow_channels=true
+allow_multimon=true
+bitmap_cache=true
+bitmap_compression=true
+bulk_compression=true
+#hidelogwindow=true
+max_bpp=32
+new_cursors=true
+; fastpath - can be 'input', 'output', 'both', 'none'
+use_fastpath=both
+; when true, userid/password *must* be passed on cmd line
+#require_credentials=true
+; You can set the PAM error text in a gateway setup (MAX 256 chars)
+#pamerrortxt=change your password according to policy at http://url
+
+;
+; colors used by windows in RGB format
+;
+blue=009cb5
+grey=dedede
+#black=000000
+#dark_grey=808080
+#blue=08246b
+#dark_blue=08246b
+#white=ffffff
+#red=ff0000
+#green=00ff00
+#background=626c72
+
+;
+; configure login screen
+;
+
+; Login Screen Window Title
+#ls_title=My Login Title
+
+; top level window background color in RGB format
+ls_top_window_bg_color=009cb5
+
+; width and height of login screen
+ls_width=350
+ls_height=430
+
+; login screen background color in RGB format
+ls_bg_color=dedede
+
+; optional background image filename (bmp format).
+#ls_background_image=
+
+; logo
+; full path to bmp-file or file in shared folder
+ls_logo_filename=
+ls_logo_x_pos=55
+ls_logo_y_pos=50
+
+; for positioning labels such as username, password etc
+ls_label_x_pos=30
+ls_label_width=65
+
+; for positioning text and combo boxes next to above labels
+ls_input_x_pos=110
+ls_input_width=210
+
+; y pos for first label and combo box
+ls_input_y_pos=220
+
+; OK button
+ls_btn_ok_x_pos=142
+ls_btn_ok_y_pos=370
+ls_btn_ok_width=85
+ls_btn_ok_height=30
+
+; Cancel button
+ls_btn_cancel_x_pos=237
+ls_btn_cancel_y_pos=370
+ls_btn_cancel_width=85
+ls_btn_cancel_height=30
+
+[Logging]
+LogFile=xrdp.log
+LogLevel=DEBUG
+EnableSyslog=true
+SyslogLevel=DEBUG
+; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug
+
+[Channels]
+; Channel names not listed here will be blocked by XRDP.
+; You can block any channel by setting its value to false.
+; IMPORTANT! All channels are not supported in all use
+; cases even if you set all values to true.
+; You can override these settings on each session type
+; These settings are only used if allow_channels=true
+rdpdr=true
+rdpsnd=true
+drdynvc=true
+cliprdr=true
+rail=true
+xrdpvr=true
+tcutils=true
+
+; for debugging xrdp, in section xrdp1, change port=-1 to this:
+#port=/tmp/.xrdp/xrdp_display_10
+
+; for debugging xrdp, add following line to section xrdp1
+#chansrvport=/tmp/.xrdp/xrdp_chansrv_socket_7210
+
+
+;
+; Session types
+;
+
+; Some session types such as Xorg, X11rdp and Xvnc start a display server.
+; Startup command-line parameters for the display server are configured
+; in sesman.ini. See and configure also sesman.ini.
+;[Xorg]
+;name=Xorg
+;lib=libxup.so
+;username=ask
+;password=ask
+;ip=127.0.0.1
+;port=-1
+;code=20
+
+;[Xvnc]
+;name=Xvnc
+;lib=libvnc.so
+;username=ask
+;password=ask
+;ip=127.0.0.1
+;port=-1
+#xserverbpp=24
+#delay_ms=2000
+
+[vnc-any]
+name=vnc-any
+lib=libvnc.so
+ip=127.0.0.1
+port=5900
+username=na
+password=ask
+#pamusername=asksame
+#pampassword=asksame
+#pamsessionmng=127.0.0.1
+#delay_ms=2000
+
+;[neutrinordp-any]
+;name=neutrinordp-any
+;lib=libxrdpneutrinordp.so
+;ip=ask
+;port=ask3389
+;username=ask
+;password=ask
+
+; You can override the common channel settings for each session type
+#channel.rdpdr=true
+#channel.rdpsnd=true
+#channel.drdynvc=true
+#channel.cliprdr=true
+#channel.rail=true
+#channel.xrdpvr=true