Re: [fw-wiz] terminal services

From: Steven M. Bellovin (smb@research.att.com)
Date: 01/28/03


From: "Steven M. Bellovin" <smb@research.att.com>
To: natfirewall@netscape.net
Date: Tue Jan 28 16:28:01 2003

In message <4D163268.59645032.4E9ED121@netscape.net>, natfirewall@netscape.net
writes:
>Greetings,
>
>I am being asked to open port 3389 on our Corporate firewall and direct
>incoming traffic on that port to a specific IP on our internal network.
>Being the paranoid that I am, I do not want to do this but I need better
>reasons/ammunition other than saying "it would be bad". I am looking for
>pointers to information hopefully in support of my fear of M$ security.
>Also, the more recent the information the better.
>

After Saturday's festivities, you have to ask?

Note -- I'm *not* saying that just because it's Microsoft. Rather, I'm
pointing out the danger of opening extra holes in your firewall. Ask
yourself this: how did Microsoft (and others) get the infection on the
*inside* of its firewall? The issue isn't just that people inside
didn't patch their machines (though by my analysis, to a first
approximation virtually every machine they own was likely to be
vulnerable); rather, it's that there was a hole. Most likely, there
was more than one hole, but it only took one, given how virulent this
worm was.

                --Steve Bellovin, http://www.research.att.com/~smb (me)
                http://www.wilyhacker.com (2nd edition of "Firewalls" book)


