Re: TSAC (Terminal Services Advanced [?] Client)

Date: 10/10/01

Message-ID: <02d101c15196$d07c0ee0$>
Subject: Re: TSAC (Terminal Services Advanced [?] Client)
Date: Wed, 10 Oct 2001 07:20:51 -0700

Go to the Terminal Services Configuration tool, in the Connections node, and
display the properties for the RDP-Tcp connection. There you can set the
encryption level.

TS listens on TCP 3389. That is all you have to open/close to
enable/disable access. You can change the default listen port to something
else (see Q187623) if you would like, but you then have to change all the
client connectors as well. Note that the TSWeb Active X control only uses
3389 as previously noted in this thread, and can't be changed, though I am
working on a hack for that.

If you put TS live on the net, do a couple of things... Rename the
administrator account to mitigate BF attacks, put a logon banner (helps for
now, but not for long!) and close everything else. If you know that only
certain clients will connect, you should only allow 3389 from those guys.
And audit!

(Hey Jim!!)

----- Original Message -----
From: "Michael Ward" <>
To: "Jim Harrison (SPG)" <>; "Christopher Scragg"
<>; <>;
<>; <>
Sent: Wednesday, October 10, 2001 6:52 AM
Subject: RE: TSAC (Terminal Services Advanced [?] Client)

How do you configure it to use encryption? What ports should be closed
to make sure that the Term. Serv cannot be accessed from the outside



-----Original Message-----
From: Jim Harrison (SPG) []
Sent: Tuesday, October 09, 2001 5:16 PM
To: Christopher Scragg;;;
Subject: RE: TSAC (Terminal Services Advanced [?] Client)

It's really not all that alarming, unless you let them operate with
default settings.
TS can be configured to use 128-bit encryption, providing all the data
obfuscation you could want.

* Jim Harrison
MCP(2K), A+, Network+
Services Platform Group
*(425) 705-7275

-----Original Message-----
From: Christopher Scragg []
Sent: Tuesday, October 09, 2001 12:29
Subject: RE: TSAC (Terminal Services Advanced [?] Client)

Lets help Florian for a moment shall we? The mere fact that a
responsible organization would even allow Terminal Connections of any
type through a firewall - be it Citrix or Windows TS without the use of
a VPN is alarming.

Secondly, think outside the box for a moment, Florian. The use for
"multiple server windows" are for connectivity to multiple servers, not
multiple instances of the same session - that would be pointless.

For what it is worth, there is a Pre SP3 patch for Win2k <hold my
breath> available for the memory leaks you speak of. For your
convenience, I have provided a link to the patch:

Christopher Scragg
Chief Technology Officer
Business Information Group
865.777.1382 x222 Local
888.875.4704 x222 Toll Free
865.777.1579 Direct

:-----Original Message-----
:From: Florian Duerr []
:Sent: Sunday, October 07, 2001 7:14 PM
:Subject: TSAC (Terminal Services Advanced [?] Client)
:Hi folks

:- Memory leaks on the Server after about 100 connects and disconnects,
: about 15 MB RAM where just gone ;( .... Do you see the DoS
: I said "connects", NOT logins!
:- Multiple Windows are nonsense, since the most servers allow anyway
: only two connections (cause of Remote Admin-Mode) *g*