Re: Thoughts and questions about security

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Sooner Al [MVP] (SoonerAl_at_somewhere.net.invalid)
Date: 02/19/05 

Date: Sat, 19 Feb 2005 16:58:28 -0600

22 

-- 
    Al Jarvi (MS-MVP Windows Networking)
Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...
"Johan" <Johan@discussions.microsoft.com> wrote in message 
news:56044BBE-2D38-430D-9801-A4DC42B86DB5@microsoft.com...
> Of course :) Didn't think about that. Why would I need to open 3389.... shame
> shame.
> This makes it very secure I guess. But will I still need portforward in my
> router to the Remote host? 3389 or 22 ?
>
> Thanks,  Johan
>
> "Sooner Al [MVP]" wrote:
>
>> If you run Remote Desktop through a SSH tunnel there is absolutely no need to even open up TCP 
>> Port
>> 3389 on the router or to change the listening port... All you need is TCP Port 22 open for SSH...
>>
>> http://theillustratednetwork.mvps.org/RemoteDesktop/SSH-RDP-VNC/RemoteDesktopVNCandSSH.html
>>
>> Grab the script from...
>>
>> http://www.bluestream.org/Networking/SSHTunnelRDP.htm
>>
>> ....to automate this...
>>
>> -- 
>>     Al Jarvi (MS-MVP Windows Networking)
>>
>> Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
>> The MS-MVP Program - http://mvp.support.microsoft.com
>> This posting is provided "AS IS" with no warranties, and confers no rights...
>>
>> "Johan" <Johan@discussions.microsoft.com> wrote in message
>> news:40D8F7AD-FF90-49EA-96F3-73CE2919ECA9@microsoft.com...
>> > Let say you change RD listening port to something else than 3389.  You open
>> > up your firewalls (XP's and Norton Internet Security and my routers builtin)
>> > to that other port. You set up SSH for the RD connection.
>> > The RD server is behind a router that uses NAT, and my port is forwarded to
>> > the servers ipaddress.
>> >
>> > Now, if making a connection, that specific session is very very secure.
>> >
>> > But your RD server is wide open anyways, since you opened up that port. And
>> > the only thing that will keep it free from hackers is a very strong password.
>> >
>> > Am i right?? Is there any other way to tighten that "hole", I don't want to
>> > use VPN.
>> >
>>
>>

Relevant Pages

  • Re: Remote Desktop
    ... Please post *ALL* questions and replies to the news group for the mutual benefit of all of us... ... > I was able to connect after disabling IPsec and port ... >>> Al Jarvi (MS-MVP Windows Networking) ... pc using remote desktop which is enabled. ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Remote working - log in problems
    ... I've tried it at a remote computer - doesn't work ... All the tools say that port is open, ... Al Jarvi (MS-MVP Windows Networking) ... Please post *ALL* questions and replies to the news group for the ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Remote Desktop Printing
    ... Al Jarvi (MS-MVP Windows Networking) ... Please post *ALL* questions and replies to the news group for the mutual benefit of all of us... ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Some kind of effective way to offer Remote Support
    ... > If your talking about a domain or trusted domain environment you could use the Remote Assistance ... > Al Jarvi (MS-MVP Windows Networking) ... > Please post *ALL* questions and replies to the news group for the mutual benefit of all of us... ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Remote Desktop from Pocket PC 2003
    ... Al Jarvi (MS-MVP Windows Networking) ... Please post *ALL* questions and replies to the news group for the mutual benefit of all of us... ...
    (microsoft.public.pocketpc)