Re: remote desktop question

• Previous message: FocusHacks: "Re: Hard drives v. CF/Smart media/etc."
• In reply to: cc: "remote desktop question"
• Next in thread: Alloishus BeauMains: "Re: remote desktop question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 21 Oct 2005 16:53:48 -0700
To: cc <cc@belfordhk.com>

make sure nothing but what's essential is running, use microsoft
baseline security analyzer to give you a basic idea of how secure the MS
sides of things are, make sure it's patched as fully as possible, run
iis lockdown if you plan to have or not to have iis services on the
computer. i believe xp pro limits you to a max of 2 users without
additional terminal services licenses (if you can even purchase more..)
only have port 3899 open (RDP) if you can get away with it. Log all
in/out connections, and Log all traffic attempting to hit the box. Only
give out a user account with limited access and a difficult to
guess/bruteforce password. You might even want to setup a time based
policy on your firewall to allow access only during off hours (or when
the RDP traffic is likely to occur). Make sure you have auditing for
logons/invalid logons turned on so attempts, etc..show up in the system
log...hmm i think that's a good start.

anyone else?

Austin Murkland

cc wrote:
> Dear All,
>
> The company I work with recently required a remote desktop access and
> to keep the budget down, I used a XP Pro system to receive only one
> Remote Desktop user.
>
> Since this requires the opening up of a port on the firewall,
> I'm quite concerned. I have limited the system to only one or
> two users who can log on. Since this is my initial foray
> into the remote desktop client (in the past, we used PCAnywhere,
> but it's getting more and more expensive(hard to justify
> purchasing a license for each system).
>
> In what ways can I protect the remote desktop system from
> being broken into? (Well, aside from shutting it down.)
>
> Any pointers appreciated.
>
> Edmund
>
>
>
>
>
>

• Previous message: FocusHacks: "Re: Hard drives v. CF/Smart media/etc."
• In reply to: cc: "remote desktop question"
• Next in thread: Alloishus BeauMains: "Re: remote desktop question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: More on Remote Desktop ... I still won't be opening up a port on my firewall for it, ... The Remote Desktop ... > Yes a VPN will work just fine. ... (microsoft.public.windowsxp.network_web) Re: Terminal Services over port 80 over HTTPS only ... firewall does not allow RDP protocol calls due to which Terminal services ... Secure Gateway and 2008 TS can connect over SSL on port 443, ... Microsoft MVP - Terminal Server ... being used by the clients over the internet using Remote Desktop client ... (microsoft.public.windows.terminal_services) Re: Remote Connection and SP2 ... On your Netgear router, you have to set up Port Forwarding so it ... > Thanks for the suggestion but i allready have Remote Desktop ... I'd suspect the Windows Firewall. ... (microsoft.public.windowsxp.work_remotely) Re: How do I open Port 3389 ... message that it was already being used for Remote Desktop Connection. ... I find out if there is an application using this port already? ... I will test turning off the firewall when I am ... I haven't tried disabling it; I will do that when I'm ... (microsoft.public.windows.server.sbs) Re: Remote assistance/desktop ... You'll need to download and install the remote desktop client from ms ... You will need to setup port forwarding in the firewall. ... > just a question of assigning NAT port xxx to forward to 3389 on the ... (microsoft.public.windowsxp.general)