Re: SCW with Terminal Services Custom Port



Patrick,
Thanks for the wisdom. What we were after is not necessarily increased
security from hackers/imposters, but from the internal users who get curious and
try to use the Remote Desktop Connection application that now comes with XP.
These are authorized users on the domain and also by default allowed to go
onto certain terminal servers, but not all. We were just trying to keep the
nosey ones out by using the custom ports.

I take it from your post that it is not possible to keep the port change
after applying SCW? Can you validate my conclusion, please? Thanks.

-Parhez

"Patrick Rouse" <PatrickRouse@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F60F0B04-14B6-44B6-88C1-D1A48AED05B3@xxxxxxxxxxxxxxxx
> I've said this before, and I'll say it again. Changing your listening port
> from 3389 to something else does not make your servers more secure, as anyone
> with tools (or skills) good enough to crack your system has the ability to
> find the listening port.
>
> The most exploited TCP Ports are 25 (SMTP) & 80 (HTTP), not RDP, which to
> my recollection has not had an exploited security flaw in several years.
>
> Require strong passwords and you'll be fine.
>
> --
> Patrick Rouse
> Microsoft MVP - Terminal Server
> http://www.workthin.com
>
>
> "Parhez Sattar" wrote:
>
>> In my attempts to apply SP1 and then configure the security of our Terminal
>> Services server using the Security Configuration Wizard, it appears that the
>> SCW is not compatible with customizing the RDP port on the server. We had
>> changed that port number from 3389 to something else and after running the
>> SCW, it seems like the server only accepts RDP connections using 3389.
>> During the SCW, we did notice that the Network Security section mentioned
>> that the RDP port was set to 3389 and I couldn't change that. I had just
>> hoped that the registry key change would still take precedence.
>> Unfortunately, that doesn't seem to be the case.
>>
>>
>> Does anybody know how to use SCW yet keep that custom RDP port on the
>> Terminal Server?
>>
>>
>>
