RE: Re: Remote connections

From: Conlan Adams (conlan_at_mebtc.org)
Date: 10/19/04

  • Next message: GuidoZ: "Re: Re: Remote connections"
    Date: Tue, 19 Oct 2004 11:38:08 -0400
    To: "John Fleming" <jfleming@creativeventuresofboca.com>, "Laura Robinson" <larobins@verizon.net>, "GuidoZ" <uberguidoz@gmail.com>, <focus-ms@securityfocus.com>
    
    

    New to the list (just signed up today) but there is another option

    SSH
    Compliments of Cygwin (www.cygwin.org) you can setup a SSH server on
    nearly any machine. Then you can connect to said machine from the
    machine you would like to take over from, and port tunnel the RDP
    connection through the SSH connection.

    There are several pages on google that can help you with how to do it
    referring to VNC with this, just search for VNC, SSH and Cygwin and
    supliment it by doing RDP instead of VNC.
     
    There is a problem running this on XP machines, as they think your
    trying to connect to yourself locally (as you have to forward the port)
    to correct this just follow the directions here
    (http://archive.erdelynet.com/ssh-l/2002-10/msg00001.php)

    Conlan Adams

    -----Original Message-----
    From: John Fleming [mailto:jfleming@creativeventuresofboca.com]
    Sent: Monday, October 18, 2004 11:04 PM
    To: 'Laura Robinson'; 'GuidoZ'; focus-ms@securityfocus.com
    Cc: bugtraq@planetcobalt.net; paviles@adjoined.com
    Subject: RE: Re: Remote connections

    Aside from creating a VPN tunnel and then performing a Remote Desktop
    session, the only other secure way that I was taught, but never tested
    was through SSL.

    Aparently there is a Remote Desktop Web Connection feature that can be
    installed with IIS 6.0. This can act as a gateway to 2000 and 2003
    Server Terminal Services and XP and 2003 server Remote Desktop machines.
    You communicate through HTTP port 80 or SSL 443. Terminal Services Web
    Connection is installed on the web server to a Virtual Directory called
    TSWEB. It is supposed to act as a gateway between the client and
    terminal server. Like I said, I have never tried it, but would love to
    hear some input on it if anyone has.

    Regards,

    John

    -----Original Message-----
    From: Laura Robinson [mailto:larobins@verizon.net]
    Sent: Saturday, October 16, 2004 5:34 PM
    To: GuidoZ; focus-ms@securityfocus.com
    Cc: bugtraq@planetcobalt.net; paviles@adjoined.com
    Subject: Re: Re: Remote connections

    > > Why not? I don't know of any current exploit for RDP set to high
    > > encryption, and even if there were any, connections may very well be

    > > shielded by encrypted tunnels.
    >
    > I'm not aware of any currently either, but as their track record
    > proves, that's meaningless.

    RDP has been around and used for *years*. Just because Microsoft makes
    something doesn't inherently mean that it is broken and requiring of a
    knee-jerk bigoted approach to it.

    > > RDP can be tunneled thru SSH as well and has much better performance

    > > than VNC (don't know about Radmin).
    >
    > This may very well be true. I'm not up to par as much as I'd like on
    > RDP, although I'm quite well learned on VNC and such. TightVNC has
    > some of the best compression I've ever seen on a remote control app,
    > I've used TightVNC through Dial-up many a times without delay or a
    > problem. I'd love to see RDP perform the same feat.

    Um, it does. I've done it many, many times. And RAdmin is garbage as far
    as what it does to the machine on which it's running unless you remember
    to crank down its refresh rate to a near-nonexistent level.
    >
    > But I digress. Again, I very well could be wrong about RDP. I've
    > always leaned towards other remote control programs due to problems
    > that usually arises with proprietary programs. (I've been using a form

    > of WinVNC since before RDP was even thought of.)

    Don't be too sure- do you know where RDP came from? With that said, I
    think it's time for you to take a look at it before making what you
    admit are biased statements about it. Never comment on something you've
    not used is usually a good approach, I find.

     

    ------------------------------------------------------------------------

    ---
    ------------------------------------------------------------------------
    ---
    ------------------------------------------------------------------------
    ---
    ------------------------------------------------------------------------
    ---
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: GuidoZ: "Re: Re: Remote connections"

    Relevant Pages

    • Re: Connecting a remote workstation to a domain
      ... If you have more than a couple of remote workstations connecting to the SBS ... server via VPN, you really need to consider a Terminal Server in the main ... "Log in using a dial up connection" checkbox, ... roaming profile then synchronizes with the server over the VPN); ...
      (microsoft.public.windows.server.sbs)
    • Re: Problem with Web based client
      ... Seems like you are having problems accessing the web server on the PC you ... > My remote desktop connection works fine when I connect with a Remote ...
      (microsoft.public.windowsxp.work_remotely)
    • Re: Remote Access and ISA Server in SBS 2003?
      ... I am glad to hear the Remote Access Wizard is working fine now. ... there is no difference in VPN between SBS 4.5 and SBS ... Error Message: VPN Connection Error 800: Unable to Establish Connection ... the external NIC of the SBS Server. ...
      (microsoft.public.windows.server.sbs)
    • Re: Another Remote Connection Manager Problem
      ... > internal and 192.168.1.3 for the internet connection. ... > via the SBS server to all clients. ... > With this configuration OWA and Remote Workplace are operational. ...
      (microsoft.public.windows.server.sbs)
    • RE: Remote Office Configuration Suggestions?
      ... Welcome to SBS newsgroup. ... I understand that you want to keep the remote office continue working even ... after the main internet connection on the main office is not available. ... If you want to join the remote server to a SBS domain and become a member ...
      (microsoft.public.windows.server.sbs)