Re: Terminal Services question

From: Todd J Heron (todd_heron_no_spam_at_hotmail.com)
Date: 10/02/04 

Date: Sat, 2 Oct 2004 09:44:26 -0400

Agreed. Based on his situation, he'd better take the first level of
improving security over that right away by renaming the administrator
account and setting up a complex password policy. 

-- 
Todd J Heron, MCSE
Windows 2003/2000/NT
"Phillip Renouf" <PhillipRenouf@discussions.microsoft.com> wrote in message
news:C246BDC3-EEB5-4AC8-902B-6CCACB60BAD0@microsoft.com...
> As I re-read the ominous "you will be hacked" statement that didn't come
> across quite right. Opening that hole on your firewall will dramatically
> increase the likelyhood of someone hacking your system.
>
> Phil
>
> "Phillip Renouf" wrote:
>
> > The risk of opening the Terminal Server ports on your firewall is that
> > essentially anyone can connect via RDP to your server right through your
> > firewall. That is an enormous security hole and you will get hacked if
you do
> > that.
> >
> > Everyone is hyping up the Citrix solution because most remote access
schemes
> > involving Citrix are using the Citrix Extranet client and NFuse. That
> > combination gives you a secured VPN connection to the NFuse portal which
> > allows you to access your Citrix server(s) remotely. Essentially it's
like a
> > VPN, but it is only for access to Citrix and nothing else. This is a
nicely
> > secure connection especially if you combine the Extranet client with a
> > SecurID authentication.
> >
> > Citrix offers a lot of other features that Terminal Services doesn't and
> > that is really why it is worth the extra money if you are interested in
using
> > those features. The biggest ones are that Citrix has published
applications
> > and published desktops. Instead of just having a remote connection to
the
> > server you can control access to applications on a per application basis
and
> > can tailor a desktop for various groups of users to allow them to see
only
> > the applications that they need to use on the server. You can also put
an
> > icon on someones desktop that will display the application just as if it
was
> > running right on their desktop even though it is actually running on the
> > Citrix server. There are many other features, but I'd be here all day
going
> > over them.
> >
> > Phil
> >
> > "Jeff" wrote:
> >
> > > I set up the Terminal Services on my Win 2003 server and a
> > > few of us access it through VPN and it works GREAT. What
> > > is the risk of opening the port on our router to access it
> > > from anywhere vs Citrix which was highly recommended by a
> > > lot of people. You know this Terminal Server works great
> > > and if it's secure enough why not use it instead of paying
> > > the extra $$$.
> > >
> > > Any suggestion I would greatly appreciate.
> > >
> > > Jeff
> > >
> > >

Relevant Pages