RE: Secure / Encrypt Terminal Services

From: Kent Hundley (kent.hundley@prodigy.net)
Date: 11/27/02

  • Next message: Anders Thulin: "Odd entries in Win XP Pro Certificate MMC snap-in"
    Date: Wed, 27 Nov 2002 09:34:02 -0800
    To: TSimons@Delphi-Tech.com, focus-ms@securityfocus.com
    From: Kent Hundley <kent.hundley@prodigy.net>
    
    

    You can also check into CIPE: http://sites.inka.de/sites/bigred/devel/cipe.html

    I've used it on Windows 2000 before and it works great, although it would
    be cumbersome to manage the keys if you have many different hosts.

    HTH,
    Kent

    At 11:20 AM 11/26/2002 -0500, TSimons@Delphi-Tech.com wrote:
    >Has anyone implemented a layer of security before the RDP connection? I've
    >hear ZeeBeDee thrown around, ect.
    >
    >It needs to be invisible to the enduser, and sit either outside the
    >firewall, inside the firewall before the terminal server, or within the
    >firewall.
    >
    > \\
    >InternetUser---||---[TS Login Screen]
    > //
    >
    >~Todd
    >
    >-----Original Message-----
    >From: Adrian.Mink@pinnaclewest.com [mailto:Adrian.Mink@pinnaclewest.com]
    >Sent: Tuesday, November 26, 2002 11:15 AM
    >To: TSimons@Delphi-Tech.com; ohnonono@hushmail.com
    >Cc: focus-ms@securityfocus.com
    >Subject: RE: Secure / Encrypt Terminal Services
    >
    >
    >By default Terminal Services does encrypt the session. Go to Terminal
    >Services Configuration -> RDP-Tcp Properties -> General. You can set the
    >encryption level there. Note that there is no way to turn encryption off,
    >just to set Low, Medium and High.
    >
    >Adrian
    >
    >-----Original Message-----
    >From: TSimons@Delphi-Tech.com [mailto:TSimons@Delphi-Tech.com]
    >Sent: Monday, November 25, 2002 8:42 PM
    >To: ohnonono@hushmail.com
    >Cc: focus-ms@securityfocus.com
    >Subject: RE: Secure / Encrypt Terminal Services
    >
    >
    >We're looking for the same thing, I'll be watching posts, initial finds are:
    >
    >Check out www.jsiinc.com
    >http://www.jsiinc.com/subk/tip5000/rh5017.htm
    >http://support.microsoft.com/default.aspx?scid=kb;en-us;Q315055
    >
    >We're looking for solutions on how to add another layer of security without
    >inhibiting functionality, maybe something at the firewall level
    >
    >-----Original Message-----
    >From: ohnonono@hushmail.com [mailto:ohnonono@hushmail.com]
    >Sent: Thursday, November 21, 2002 9:22 AM
    >To: focus-ms@securityfocus.com
    >Subject: Secure / Encrypt Terminal Services
    >
    >
    >
    >-----BEGIN PGP SIGNED MESSAGE-----
    >
    >Does the community have an opinion on which is the best way to do this? Can
    >it be done via IP-Sec? Basically we have a machine (tripwire manager) that
    >will have access to all our networks. Due to politics (gotta love security
    >made insecure by politics) it must be remotely managed. The CIO (god bless
    >CIO's) has decided that we will use terminal services. Is there a way to
    >encrypt the traffic so it is not flying around the network in clear text?
    >Would IP-Sec be the recomended solution?
    >
    >Suggestions or links (or gentle shoves) to the information would be great.
    >
    >Thanks
    >
    >
    >-----BEGIN PGP SIGNATURE-----
    >Version: Hush 2.2 (Java)
    >Note: This signature can be verified at https://www.hushtools.com/verify
    >
    >wl0EARECAB0FAj3c67gWHG9obm9ub25vQGh1c2htYWlsLmNvbQAKCRAuXN+1lPsfqYk9
    >AJ4ndm/CgplNAjJHfTV5oSgPLfoYYwCfYUHT6Cta9Or1jTiu4KGfYokrjYg=
    >=2bx1
    >-----END PGP SIGNATURE-----
    >
    >
    >
    >
    >Get your free encrypted email at https://www.hushmail.com



    Relevant Pages

    • RE: Secure / Encrypt Terminal Services
      ... Has anyone implemented a layer of security before the RDP connection? ... firewall, inside the firewall before the terminal server, or within the ... Secure / Encrypt Terminal Services ... By default Terminal Services does encrypt the session. ...
      (Focus-Microsoft)
    • RE: Terminal services
      ... know whether the "Terminal Services" means the VPN connection. ... Extract all files to a folder on ISA server ... Click 'Configure Firewall Logging'. ... and then right click 'Microsoft Firewall' ...
      (microsoft.public.isa)
    • RE: Secure / Encrypt Terminal Services
      ... I do this regularly using an SSH tunnel. ... to a file and edit the port you connect on. ... Secure / Encrypt Terminal Services ...
      (Focus-Microsoft)
    • Re: Spreading Virus/worms/spyware via terminal server connections?
      ... tunnel' the session or force the client to access via only a secured gateway. ... VPN tunneling session for virus/worms/spyware etc..I'll check with my ... Sonicwall firewall vendor if they have this security feature.... ... > Your Terminal Services Security Website ...
      (microsoft.public.windows.terminal_services)
    • Re: Windows 2000 Advanced Server
      ... The computer connects to the internet thru a Dlink ... for a firewall, any suggestions as to what brand to use? ... >> accesses it via remote administration terminal services ... >its going to be used as a terminal server. ...
      (microsoft.public.win2000.security)