Re: [fw-wiz] terminal services

From: R. DuFresne (dufresne@sysinfo.com)
Date: 01/28/03

• Next message: Don Kendrick: "Re: [fw-wiz] terminal services"
• Previous message: Noonan, Wesley: "RE: [fw-wiz] terminal services"
• In reply to: natfirewall@netscape.net: "[fw-wiz] terminal services"
• Next in thread: Don Kendrick: "Re: [fw-wiz] terminal services"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "R. DuFresne" <dufresne@sysinfo.com>
To: natfirewall@netscape.net
Date: Tue Jan 28 15:00:20 2003

On Tue, 28 Jan 2003 natfirewall@netscape.net wrote:

> Greetings,
>
> I am being asked to open port 3389 on our Corporate firewall and direct incoming traffic on that port to a specific IP on our internal network. Being the paranoid that I am, I do not want to do this but I need better reasons/ammunition other than saying "it would be bad". I am looking for pointers to information hopefully in support of my fear of M$ security. Also, the more recent the information the better.

What's on that backend channel you are being asked to open port 3389 for?
You need to know what service you are opening up on that port to make an
informde decision. So, you need to ask those running the server what
their need is for, what they are running there and trying to accomplish.

>
> Not being close minded, I would also be interested in seeing any information which would make me feel warm and fuzzy about opening the port.
>
>

See above. It's the feeling here you do not have enough information at
present to make an informed decision.

Thanks,

Ron DuFresne

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart
testing, only testing, and damn good at it too!

• Next message: Don Kendrick: "Re: [fw-wiz] terminal services"
• Previous message: Noonan, Wesley: "RE: [fw-wiz] terminal services"
• In reply to: natfirewall@netscape.net: "[fw-wiz] terminal services"
• Next in thread: Don Kendrick: "Re: [fw-wiz] terminal services"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Windows XP open port 389 ... It isn't actually "opening" the port, ... Windows XP open port 389 ... > I ran a scan of my laptop and discovered port 389 was listening. ... (Focus-Microsoft) Re: Backdoor.berbew.p now totally paranoid ... It will show you what file is opening what port and is communicating to what site. ... If you are using WinME or WinXP, disable System Restore ... (microsoft.public.security.virus) Re: Access via internet? ... and I'm not sure that they will afford a Windows Server to setup ... If so, and opening a port isn't viable, we may have to resort to the old ... >> needs to access a database in another factory. ... (microsoft.public.sqlserver.msde) Re: Access via internet? ... I would use something more reliable than just opening a port in the ... firewall, something like a VPN, that more secure than doing just a NATing. ... That´s when an option when your SQL Server is located in your LAN ... (microsoft.public.sqlserver.msde) Re: How to open port 21 ... While waiting for reply, I tried Windows ... That permitted opening of the port21. ... I am puzzled about port 21. ... > Generally opening ports can be done with Firewall. ... (microsoft.public.windowsxp.newusers)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint