|
Security Basics
mailing list archives
Re: Remote Web Workplace security
From: barcajax () gmail com
Date: 4 Mar 2006 08:58:19 -0000
You're not paranoid... you're using your brain that's all. Not tunnelling RDP through a VPN tunnel would require you to
allow incoming RDP connections through your corporate perimeter firewall. People scanning your firewall would be able
to discover that RDP is allowed and start targetting those RDP-enabled servers/workstations. RDP has had a history of
vulnerabilities. Found two references from M$'s website for your review.
http://www.microsoft.com/technet/security/advisory/904797.mspx
http://www.microsoft.com/technet/security/Bulletin/MS05-041.mspx
Using VPN is the right strategy because you can apply access control to ensure that your users authenticate first
before connecting to servers they are authorised to via RDP.
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
| 
