Security Basics mailing list archives
Re: remote desktop question
From: jordanpw <jordanpw () gmail com>
Date: Wed, 02 Nov 2005 14:19:39 -0600
Richard Parry wrote:
I see this advice often on this list. I work with very small businesses (200 users and below) where number of servers / firewalls / routers, and budgets for same, are very small. So I have some (very basic I'm afraid) questions on this subject: -- Is there not a slowness / performance hit when forcing users to access a Terminal Server via a VPN connection? -- This will require VPN client software on all client machines right? Or is the in-built MS VPN connection stuff considered acceptably secure in this scenario? -- Or should we look at SSL VPN for this?Edmund, Since you already have a firewall system in place, I would suggest looking into the VPN capabilities of that firewall, closing the RDP port you have opened and only allow authenticated VPN users who have logged into the network access to the RDP sessions. RDP sessiona are encrypted with 128bit anyway, but at least with protecting the login to authenticated VPN users you won't need to worry about external break-ins. Hope this helps. Richard -----Original Message-----From: cc [mailto:cc () belfordhk com] Sent: 21 October 2005 7:28 AMTo: security-basics () securityfocus com Subject: remote desktop question Dear All, The company I work with recently required a remote desktop access and to keep the budget down, I used a XP Pro system to receive only one Remote Desktop user. Since this requires the opening up of a port on the firewall, I'm quite concerned. I have limited the system to only one or two users who can log on. Since this is my initial foray into the remote desktop client (in the past, we used PCAnywhere, but it's getting more and more expensive(hard to justify purchasing a license for each system). In what ways can I protect the remote desktop system from being broken into? (Well, aside from shutting it down.) Any pointers appreciated. Edmund
Thanks in advance for any feedback ...
Current thread:
- Re: remote desktop question jordanpw (Nov 02)
- Re: remote desktop question Scott C. Best (Nov 03)
- Re: remote desktop question Brian Loe (Nov 03)
- Re: remote desktop question jordanpw (Nov 03)
- Re: remote desktop question Brian Loe (Nov 03)
- Re: remote desktop question jordanpw (Nov 03)
- <Possible follow-ups>
- RE: remote desktop question Kirk Brady (Nov 03)