RE: Remote Administration on W2K

From: Eric Johansen (eric.johansen@reliastar.com)
Date: 07/27/01


From: "Eric Johansen" <eric.johansen@reliastar.com>
To: "'Brian McClory'" <security_resources@hotmail.com>, <SECURITY-BASICS@securityfocus.com>
Subject: RE: Remote Administration on W2K
Date: Fri, 27 Jul 2001 16:05:52 -0500
Message-ID: <003c01c116df$eb513390$98e911ac@sk3tch>

When you speak of terminal services - if by "unnecessary load" you mean
about 4MB of memory and almost zero CPU usage, then you're correct.

I don't understand why anyone would use anything other than the built-in
terminal services in most applications - you can secure the data stream
(128-bit), change the port which it uses
(http://support.microsoft.com/support/kb/articles/Q187/6/23.ASP), lock
it down to individual users, plus you don't have to worry about people
forgetting to log off or lock the box (datacenters are sometimes not as
secure as you think)...

If you're using Windows 2000, you should be using the built-in terminal
services client. It's free with the OS and is perfectly integrated -
why go third party in most circumstances?

Eric

-----Original Message-----
From: Brian McClory [mailto:security_resources@hotmail.com]
Sent: Friday, July 27, 2001 11:19 AM
To: SECURITY-BASICS@securityfocus.com
Subject: Re: Remote Administration on W2K

I would look into VNC by AT&T Labs. It seems to be very light weight,
and most importantly has completely customizable ports, very important
if you will be accessing through a firewall, and also adds a little
security through obscurity. Also, VNC is open source under the typical
GNU License and all the source is provided.

Terminal services is something I strongly discourage. It causes
unnecessary load on the server. I have never been a fan of PCAnywhere.

VNC: http://www.uk.research.att.com/vnc/

Brian P. McClory MCT, CCI, MCSE, MCP+I, CCA, ETC...

"I'm not an actor, I just play one on TV."

On Thu, 26 Jul 2001, Ryan McDonnell wrote:

> I wanted to get an idea of what full-system remote administration
> programs people recommend for internet servers. Mainly I've found
> most use PCAnywhere or Terminal Services... curious as to which poses
> less of a security risk, quicker speed, server resources used, etc.
>
> TIA,
>
> Ryan McDonnnell



Relevant Pages

  • RE: Remote Administration on W2K
    ... Subject: Remote Administration on W2K ... Well I replaced the files on my test server with the ones I downloaded from ... To copy files with the built-in TS, use RDPClip from the W2K Resource ... When you speak of terminal services - if by "unnecessary load" you mean ...
    (Security-Basics)
  • Server 2003 Terminal Services for Administration Issue
    ... I've set up a Server with Windows Server 2003 ... Terminal Services for Remote Administration. ... screens where I first see: ...
    (microsoft.public.windows.server.general)
  • Terminal Services Client Disconnected
    ... I have an existing Windows 2000 Server installation in which the Terminal ... Serivces for Remote Administration suddenly quit working after it had been ... When I initiate a terminal services session from any client PC on the LAN, ...
    (microsoft.public.win2000.networking)
  • Re: terminal server on windows 2000 allows only 2 sessions
    ... the choice between Remote Administration and Application Server ... go to Terminal Services Configuration - Server Settings - Licensing ... However, when you install in Application Server mode, you need to ...
    (microsoft.public.win2000.termserv.apps)
  • Re: How does Terminal Service Setup
    ... Installing Terminal Services on a 2003 server implies "Application ... This means you need a Licensing ... Server and TS CALs, and you get unlimited user connections. ... If you only want Remote Administration, ...
    (microsoft.public.windows.terminal_services)