RE: Restrict Clinet IP address on Terminal Service

From: Laura A. Robinson (larobins_at_bellatlantic.net)
Date: 09/20/04

  • Next message: Radiant Matrix: "Re: Hardening Desktop"
    To: "'Menard, David'" <David.Menard@thomson.com>, "'Avgoustakis Stefan'" <Stefan.Avgoustakis@atosorigin.com>, <focus-ms@securityfocus.com>
    Date: Mon, 20 Sep 2004 16:29:50 -0400
    
    

    I believe that the OP wishes to restrict based on IP, not on user.

    Laura

    > -----Original Message-----
    > From: Menard, David [mailto:David.Menard@thomson.com]
    > Sent: Saturday, September 18, 2004 4:22 PM
    > To: Avgoustakis Stefan; focus-ms@securityfocus.com
    > Subject: RE: Restrict Clinet IP address on Terminal Service
    >
    > If I understand this correctly, you have certain users you
    > wish not to use Remote Desktop to connect to a particular
    > server? Or you wish certain users not to use Remote Desktop
    > on their machines?
    >
    > If the users have global accounts, set up a TS group and add
    > those you wish to connect. Add that group to the TS
    > Configuration. All others, disable TS ability through GP.
    >
    > You can go to this link to explain how to tighten up TS:
    >
    > http://nsa2.www.conxion.com/win2k/download.htm
    >
    > Dave Ménard
    >
    > -----Original Message-----
    > From: Avgoustakis Stefan [mailto:Stefan.Avgoustakis@atosorigin.com]
    > Sent: Friday, September 17, 2004 10:53
    > To: focus-ms@securityfocus.com
    > Subject: RE: Restrict Clinet IP address on Terminal Service
    >
    > Greetings,
    >
    > You could consider using IPSEC.
    >
    > Greetings,
    >
    > stefan
    >
    >
    > -----Original Message-----
    > From: Toto A Atmojo [mailto:toto@playon.co.id]
    > Sent: Thursday, September 16, 2004 8:41 AM
    > To: focus-ms@securityfocus.com
    > Subject: Restrict Clinet IP address on Terminal Service
    >
    > Hello all,
    > I have a question on restricting client connection to access
    > terminal service (Remote Desktop) on Windows 2003.
    > Can we just allowing only 1 IP (or some IPs)  to connect to
    > our server that provide Remote Desktop?
    > Is there any Original setting on Windows to do that (Without
    > configuring on third party firewall / tools)?
    >
    > Thanks
    >
    >
    >
    > --------------------------------------------------------------
    > -------------
    > --------------------------------------------------------------
    > -------------
    > **************************************************************
    > **************
    > Disclaimer:
    > This electronic transmission and any files attached to it are
    > strictly confidential and intended solely for the addressee.
    > If you are not the intended addressee, you must not disclose,
    > copy or take any action in reliance of this transmission. If
    > you have received this transmission in error, please notify
    > the sender by return and delete the transmission. Although
    > the sender endeavors to maintain a computer virus free
    > network, the sender does not warrant that this transmission
    > is virus-free and will not be liable for any damages
    > resulting from any virus transmitted.
    > Thank You.
    > **************************************************************
    > **************
    >
    > --------------------------------------------------------------
    > -------------
    > --------------------------------------------------------------
    > -------------
    >
    >
    >
    >
    > --------------------------------------------------------------
    > -------------
    > --------------------------------------------------------------
    > -------------
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Radiant Matrix: "Re: Hardening Desktop"

    Relevant Pages

    • OT: Regarding POT subject matter
      ... CONFIDENTIALITY NOTICE ... This transmission and any attachments are confidential and intended solely ... If you are not the addressee, you may not copy, forward, ... please delete it and all copies from your system and notify the sender ...
      (comp.sys.hp.mpe)
    • Re: sysconf (again)
      ... CONFIDENTIALITY NOTICE ... This transmission and any attachments are confidential and intended solely ... If you are not the addressee, you may not copy, forward, ... please delete it and all copies from your system and notify the sender ...
      (comp.sys.hp.mpe)
    • Re: Errors on fiber channel adapter.
      ... problem turned out to be a failing 6228. ... > James Jackson ... > distribution of this transmission is STRICTLY PROHIBITED. ... > notify the sender by return e-mail and delete the message and ...
      (AIX-L)
    • Re: internal data integrity
      ... Possibly nothing and the document attachment is being damaged during ... See if the sender has WinZip or a similar utility. ... attachment makes it more robust for transmission. ... Terry Farrell - Word MVP ...
      (microsoft.public.word.application.errors)
    • Re: Sendmail virus scanner
      ... Any claim to privilege is ... not waived or lost by reason of mistaken transmission of this information. ... If you are not the intended recipient you must not distribute or copy this ... Your costs for doing this will be reimbursed by the sender. ...
      (Security-Basics)