Re: Terminal Services Security using Remote Desktop Client

From: Alex K. Angelopoulos [MVP] (aka-at-mvps-dot-org)
Date: 08/27/04


Date: Fri, 27 Aug 2004 18:08:15 -0500

Cláudio Rodrigues wrote:
> Although there were some DoS available through the RDP protocol, after
> years of experience deploying TS, I am still to see one single case
> where a TS was hacked using the RDP protocol only.
> The RDP encryption is enough for sure and more than that is needed if
> your company is paranoic.
> A VPN is way a bigger, huge risk these days than a terminal server.

Since I generally agree with Cláudio, I'm piggybacking on his post. :)

I tend to prefer using VPN/SSH, but the reasons for that have nothing to do
with specifics of TS security; it's simply because those connections allow
me to tunnel in remotely and access many different points on a LAN, with
only one external configured connection.

This brings us around to the reason why a VPN might be a security risk. The
single most significant vulnerability that is exploited is not someone
decrypting your traffic: it's brute force attacks succeeding against poorly
selected passwords. In that scenario, you can argue that a VPN is LESS
secure simply because the attacker would have direct access to anything on
your LAN accessible from the VPN.


