Re: Terminal Services over VPN

From: Tomasz Barbaszewski (tomekb_at_aba.krakow.pl)
Date: 08/27/03

    Date: 27 Aug 2003 12:15:30 -0000
    To: security-basics@securityfocus.com
    
    
    In-Reply-To: <3F3BE632.8010108@cmhsweb.org>

    >Message-ID: <3F3BE632.8010108@cmhsweb.org>
    >Date: Thu, 14 Aug 2003 15:42:42 -0400
    >From: "David Y. Ng" <dng@cmhsweb.org>
    >To: security-basics@securityfocus.com
    >Subject: Terminal Services over VPN
    >
    We are using IPSec in order to protect RDP transmissions.
    There is one trick - the best way is to do it in an additional device.
    Personally we prepared a Linux + FreeS/WAN box, which acts as an IPSec Gate
    between Thin Clients (equipped with IPSec) and the MS Server.
    The result is very good. The server is working as usual (w/o any changes), but
    all transmissions from the RDP Client to the IPSec Gate Box (it is standing on the
    server) are encrypted (even AES is possible).
    The solution is VERY FAST. We have tested over 100 simultaneous connections.
    You can also use CISCO, but it offers ~900 kbps (w/o hardware acc.), but
    with an Embedded Linux/FreeS/WAN box you can easily reach 15-50 Mbps (I mean
    of course encrypted traffic).
    A similar idea is published as the SINA project in Germany (www.bsi.bund.de).

    Best regards

    Tomasz

    >Has anyone used Terminal Services over Microsoft's VPN
    >server? I need to run some program off the server and when I
    >used just the VPN, it was terribly slow. The solution on paper
    >is to run the program off Terminal Services and just let it
    >pass through the VPN which could be faster, supposedly.
    >
    >Any experiences with this? Is Terminal Services in itself
    >secure? I read there's some form of encryption also but
    >is it comparable to VPN in a way?
    >
    >
