Re: Remote access solution

["Nuzman" <nuzman () shreve net>]

While I haven't studied the security of the protocol itself, RDP is supposed
to be somewhat secure. I use administrative terminal services to manage
Win2k systems in the DMZ. The firewall restricts access to the RDP port only
from specific admin workstations (IP addresses) on the internal network.

As always, administrator accounts have been renamed, a new account named
administrator was created with an incredibly long random password and no
permissions (hack away all day at it) ... and strong, complex passwords
exists for all accounts.

Stay away from VNC for any but the most casual and temporary remote access
circumstances.

Norris Carden
www.rasquel.com

----- Original Message -----
From: <sharon_joyner () timeinc com>
To: <security-basics () securityfocus com>
Sent: Thursday, February 20, 2003 11:14 AM
Subject: RE: Remote access solution


> One product I've heard of is Neoteris, http://www.neoteris.com/, but I
> haven't heard much about how secure it might be.  Does anyone have an
> opinion?
>
> Sharon
>
>
>
>
> -----Original Message-----
> From: Orlando J. Cano [mailto:ojcano () scif com]
> Sent: Wednesday, January 29, 2003 7:58 PM
> To: security-basics () securityfocus com
> Subject: Remote access solution
>
>
> I have recently been assigned to join efforts with our Network group in
> coming up with a secure  remote access solution for our Network. This
> will involve accessing servers in our DMZ. I was wondering if this
> securityfocus community could elaborate on how secure VNC, Freevision or
> Terminal Services are or better yet recommend another solution.
> Any comments would be greatly appreciated.
>
> Thanks
>
> oc
>
>
>
> -----------------------------------------------------------------------
>
> This message is the property of Time Inc. or its affiliates. It may be
> legally privileged and/or confidential and is intended only for the use
> of the addressee(s). No addressee should forward, print, copy, or
> otherwise reproduce this message in any manner that would allow it to be
> viewed by any individual not originally listed as a recipient. If the
> reader of this message is not the intended recipient, you are hereby
> notified that any unauthorized disclosure, dissemination, distribution,
> copying or the taking of any action in reliance on the information
> herein is strictly prohibited. If you have received this communication
> in error, please immediately notify the sender and delete this message.
> Thank you.