Re: secure terminal services

From: Bjoern (bj_at_whanau.net)
Date: 05/30/03 

Date: Fri, 30 May 2003 16:42:21 +1200

Hello,
I too have been wondering about this, do you need to use a VPN, even if you
use a firewall with TS being published on the web, could you not set a Group
Policy of three strikes your out for the password, so without the password
you basically cannot get in.
Cheers

"Matjaz Ladava" <matjaz@_nospam_ladava.com> wrote in message
news:enDMwPHJDHA.276@tk2msftngp13.phx.gbl...
> Well there is no SSL for RDP protocol. As Lanwench suguested instead of
> opening your server to the outside, allow just VPN connection, but I would
> remind you, that instead of exposing your server directly to the internet,
> use firewall and securely publish your services trough firewall.
>
> Regards
>
> Matjaz Ladava
>
> "Exped24_M" <exped24@hotmail.com> wrote in message
> news:usX2yPGJDHA.3084@tk2msftngp13.phx.gbl...
> > I am talking about Terminal Service build in win 2000 advanced server
> >
> > any SSL harden password option
> >
> > thanks
> >
> > "Lanwench [MVP - Exchange]"
> > <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in
> message
> > news:%23DfC5$FJDHA.1360@TK2MSFTNGP10.phx.gbl...
> > > Are you talking about TSWeb?
> > >
> > > Exped24_M wrote:
> > > > How do I tell the Terminal service to use the SSL?
> > > >
> > > > thanks
> > > >
> > > >
> > > > "Lanwench [MVP - Exchange]"
> > > > <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in
> > > > message news:uYrPpiFJDHA.3272@tk2msftngp13.phx.gbl...
> > > >> SSL, and ideally don't allow access to anything other than through
> > > >> VPN (with the exception of 25 for your mail server if you run one,
> > > >> and whatever else you need open)
> > > >>
> > > >> Exped24_M wrote:
> > > >>> Hi all,
> > > >>>
> > > >>> I am using the terminal service on win 2000 ads all working good
> > > >>>
> > > >>> now, I was hacking throw the terminal with password scanning
program
> > > >>> and the hacker gain access to my server
> > > >>>
> > > >>> is there any way for harder secure the terminal server, that can
be
> > > >>> harden to hack?
> > > >>>
> > > >>> Thanks for any advice
> > >
> > >
> >
> >
>
>

Relevant Pages

  • RE: Sandboxing
    ... the 3Com Embedded Firewall would be extremely useful and enabling (in ... your case) when you look at it in a VPN context. ... This security policy will accomplish quite a few things: ... During the Policy Server installation, ...
    (Focus-IDS)
  • Re: VPN Firewall for new webserver
    ... > I'm setting up a webserver at a colocation and I need to put a VPN ... You're not going to get a quality firewall for that amount, ... and D-Link makes a DI-804HV unit ... users access to the SQL server, let them do it through a VPN session. ...
    (comp.security.firewalls)
  • Re: Firewall Info/Recommendations?
    ... I would seriously consider an air-gap solution. ... Let me outline a few features that no other firewall can touch. ... Provide secure access without a VPN from any web browser (this greatly ... > manageable without much higher-level support if you want things like ...
    (comp.security.firewalls)
  • Re: [fw-wiz] Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
    ... complexity and architectural inelegance of having 3-5 gateway security ... VPN) convinced me to eventually champion a migration to Symantec's SGS ... Nice balance of "default deny" at the firewall, ...
    (Firewall-Wizards)
  • Re: two winxp home machines, varied results
    ... >The only firewall I have on my machine *aside* from the Cisco VPN ... Please don't change "restrictAnonymoussam", only ... >Here is the IPCONFIG and BROWSTAT listings for each machine. ...
    (microsoft.public.windowsxp.network_web)