RE: Terminal Services question

From: Phillip Renouf (PhillipRenouf_at_discussions.microsoft.com)
Date: 10/01/04 

Date: Fri, 1 Oct 2004 13:27:02 -0700

As I re-read the ominous "you will be hacked" statement that didn't come
across quite right. Opening that hole on your firewall will dramatically
increase the likelyhood of someone hacking your system.

Phil

"Phillip Renouf" wrote:

> The risk of opening the Terminal Server ports on your firewall is that
> essentially anyone can connect via RDP to your server right through your
> firewall. That is an enormous security hole and you will get hacked if you do
> that.
>
> Everyone is hyping up the Citrix solution because most remote access schemes
> involving Citrix are using the Citrix Extranet client and NFuse. That
> combination gives you a secured VPN connection to the NFuse portal which
> allows you to access your Citrix server(s) remotely. Essentially it's like a
> VPN, but it is only for access to Citrix and nothing else. This is a nicely
> secure connection especially if you combine the Extranet client with a
> SecurID authentication.
>
> Citrix offers a lot of other features that Terminal Services doesn't and
> that is really why it is worth the extra money if you are interested in using
> those features. The biggest ones are that Citrix has published applications
> and published desktops. Instead of just having a remote connection to the
> server you can control access to applications on a per application basis and
> can tailor a desktop for various groups of users to allow them to see only
> the applications that they need to use on the server. You can also put an
> icon on someones desktop that will display the application just as if it was
> running right on their desktop even though it is actually running on the
> Citrix server. There are many other features, but I'd be here all day going
> over them.
>
> Phil
>
> "Jeff" wrote:
>
> > I set up the Terminal Services on my Win 2003 server and a
> > few of us access it through VPN and it works GREAT. What
> > is the risk of opening the port on our router to access it
> > from anywhere vs Citrix which was highly recommended by a
> > lot of people. You know this Terminal Server works great
> > and if it's secure enough why not use it instead of paying
> > the extra $$$.
> >
> > Any suggestion I would greatly appreciate.
> >
> > Jeff
> >
> >

Relevant Pages

  • Re: Cant Mount Mailbox Store or Publick Folder Store
    ... My citrix is working now using ICA Client but after I tried to restart my Mail Server. ... "Mukesh" wrote: ... Either there are network problems or the Microsoft Exchange Server computer is down for maintenance. ...
    (microsoft.public.exchange.admin)
  • Problem Citris Web Client in SBS 2003 umgebung
    ... nur der administrator kann auf Citrix Server ... ich vermute das es an der Windows Firewall liegt ... trotzdem kommt nach einer ganzen weile eine Fehlermeldung des Citrix clients ...
    (microsoft.public.de.german.backoffice.smallbiz)
  • Re: How does Citrix run it faster? was Re: Microfocus COBOL 3.2.43 (16bit)
    ... over 25 sites) runs on Citrix served up from servers here in Austin. ... have moved a lot of stuff to zLinux, and in the process would up writing ... When Word loads for the ... doing anything else but managing the screen, while the server is pretty much ...
    (comp.lang.cobol)
  • Re: Long and quite bizzare network problem
    ... Is Admin3 the master browser on the network? ... setting on all computers except for the main server (which should be online ... > the remote location are using Citrix over a nailed T1.Main and Citrix ...
    (microsoft.public.win2000.networking)
  • RE: Windows Remote Desktop
    ... SSL/HTTPS then use the Citrix ICA encryption on top of that, ... Citrix can be more secure then RDP. ... change the server information and harder for it to connect to a 'wrong' ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
    (Security-Basics)
Loading