RE: Windows Remote Desktop

[jamesworld () intelligencia com]

Ahh,,


but what about the option to connect local resources......

Drives
Printers
Serial Ports
Smart Cards

....

Talk about the ability to transfer company data out...  What is protecting 
the actual data, MS RDP encryption  which defaults to "medium" security by 
default.

Again it comes back to.......What is the company policy?  If it doesn't 
cover it, the policy needs to be updated.


-James

At 12:14 01/14/2004, Shawn Jackson wrote:

>         Eh' for 'Testing' I use a remote SSH server off my backbone. I
> do 'periodically' login to my remote XP workstation and do some work.
> Because only screen information is transmitted even if that system was
> hacked or infected with a virus it won't affect my network at work. My
> XP system doesn't sit directly on the Internet through; it goes through
> a Debian box running iptables.
>
> Shawn Jackson
> Systems Administrator
> Horizon USA
> 1190 Trademark Dr #107
> Reno NV 89521
> www.horizonusa.com
>
> Email: sjackson () horizonusa com
> Phone: (775) 858-2338
>        (800) 325-1199 x338
>
> -----Original Message-----
> From: Michael Gale [mailto:michael () bluesuperman com]
> Sent: Tuesday, January 13, 2004 8:35 PM
> To: security-basics () securityfocus com
> Subject: Windows Remote Desktop
>
> Hello,
>
>         I have a question, I have locked down a company network allowing
> only
> web browsing, SSH and FTP. Nothing else is need and soon SSH and FTP
> will be gone hopefully once the VPN is final.
>
> Right now a internal user is complaining about the fact their remote
> desktop connection to their home PC is no longer working.
>
> The justification is that a remote PC out side the network is needed for
> testing. At which point I gladly offered to setup a out side box for
> testing. :)
>
> Any ways the question I have is, do you feel that Remote Desktop (into
> WinXP) is a secure enough connection to allow it. I mind you that this
> is supposed to be a  outbound connection only but you never know with
> windows.
>
>
> --
> Hand over the Slackware CD's and back AWAY from the computer, your geek
> rights have been revoked !!!
>
> Michael Gale
> Slackware user :)
> Bluesuperman.com
>
> ------------------------------------------------------------------------
> ---
> Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off
> any
> course! All of our class sizes are guaranteed to be 10 students or less.
>
> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
> Prevention,
> and many other technical hands on courses.
> Visit us at http://www.infosecinstitute.com/securityfocus to get $720
> off
> any course!
> ------------------------------------------------------------------------
> ----
>
>
> ---------------------------------------------------------------------------
> Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
> course! All of our class sizes are guaranteed to be 10 students or less.
> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
> and many other technical hands on courses.
> Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
> any course!
> ----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------