Re: Terminal services

What's wrong with just using RWW? That only uses SSL/Port 443

Rick F

"Leythos" <void@xxxxxxxxxxx> wrote in message
news:MPG.1d7e87b62b013285989dcf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> In article <883CC70A-5690-45E2-8B59-B698ACB72FFB@xxxxxxxxxxxxx>,
> MCL@xxxxxxxxxxxxxxxxxxxxxxxxx says...
>> I'm am prefacing my question by stating that I am not an IT person and
>> have
>> limited knowledge about this stuff and would appreciate that any
>> responses
>> are geared toward the layperson.
>>
>> We are running SBS2003 and are using terminal services to login to our
>> individual workstations from remote locations. This was setup by our IT
>> consultant. However, he told us that this is not a very secure way to do
>> this (multiplte open ports in the firewall??, weak accounts??) and
>> suggested
>> that we get another server box to act as the terminal server which is
>> networked into our SBS box.
>>
>> Another option was a Citrix solution for loging in from any PC using a
>> web
>> browser.
>>
>> What are the relevant security issues, if any? Comments about the Citrix
>> solution?
>
> The easiest method, using what you already have, is to get a quality
> firewall that acts as a PPTP Endpoint.
>
> There is nothing wrong with using Remote Desktop to connect to your
> personal computers, but you do NOT want to expose those ports to the
> Internet for any reason.
>
> What you want to do is have the remote users VPN into the firewall from
> their locations, then have a firewall rule that lets VPN users access
> their specific machine using RD. This means that even if a user can VPN
> into the firewall, that they can only get into RD and not actually
> browse your network - they are limited to their own computer at the
> office and only what is available via that computer.
>
> People outside the office, unless they know the VPN user/password, can't
> access your network.
>
>
> --
>
> spam999free@xxxxxxxxxx
> remove 999 in order to email me


.

Relevant Pages

  • RE: Remote desktop over a VPN
    ... I understand the issue to be: you have created VPN ... from SBS to remote network, however you can not VPN to remote network from ... This issue may occur because the ISA Server Firewall Client program does ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote User Management
    ... The problem is management of remote computers and compliance ... when they do not have network ... We have been considering installing Site-Link VPN appliances at the ... establish connectivity to domain resources. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Travelling laptops over VPN
    ... >>> on the user's machine within the properties of the VPN Dialup Connectiod. ... >> network administrators would want to do that to prevent the users from enabling ... when the user connects to the VPN using the Cisco ... the firewall shuts off because it sees the domain. ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Travelling laptops over VPN
    ... >>> on the user's machine within the properties of the VPN Dialup Connectiod. ... >> network administrators would want to do that to prevent the users from enabling ... when the user connects to the VPN using the Cisco ... the firewall shuts off because it sees the domain. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: VPN Connection to remote site.
    ... If you need further assistance about SBS and ISA in the future, please feel free to post back. ... >Subject: Re: VPN Connection to remote site. ... >problematic and we found that the EPOS PC tended to drop off the network ...
    (microsoft.public.windows.server.sbs)