Security Basics mailing list archives
Terminal Services Hardening >> was >> Re: Windows Remote Desktop
From: jamesworld () intelligencia com
Date: Tue, 20 Jan 2004 08:18:43 -0600
Go into TS properties and set Security ACL's on the TS config. Create a deny and an allow group and audit on them. Check your logs regularly :-)If you want some authentication.....tunnel your TS session through a SSH tunnel.
There are free and low cost offerings for windows, search the net. That will give you an additional level of auth + you get encryption.
-James At 03:14 01/20/2004, erisk wrote:
Hi all, On the topic of securing RDP i was wondering if anyone can help.... So far I have done the following on one of soon to be released Terminal servers where we want only small amount of users to acces it from their homes or other remote locations: (1) Hardend box, virus, patches, strong password controls etc (2) Changed the default port to something way up there.. (3) Enforced 128 bit encryption on the sessions Now everything works fine but Im still security concious and would like to know anymore tweeks to improve the overall security of Terminal Services.. I thought about two factor but we cant afford SecureID... Has anyone else got any other ideas or what they have done to their boxes? Something that is free or cheap and token based perhaps? Regards, Nick
---------------------------------------------------------------------------Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- RE: Windows Remote Desktop, (continued)
- RE: Windows Remote Desktop Shawn Jackson (Jan 15)
- RE: Windows Remote Desktop Depp, Dennis M. (Jan 16)
- RE: Windows Remote Desktop Shawn Jackson (Jan 16)
- RE: Windows Remote Desktop Shawn Jackson (Jan 16)
- Re: Windows Remote Desktop Jamie Pratt (Jan 16)
- RE: Windows Remote Desktop Shawn Jackson (Jan 16)
- RE: Windows Remote Desktop Shawn Jackson (Jan 19)
- RE: Windows Remote Desktop Depp, Dennis M. (Jan 19)
- RE: Windows Remote Desktop Shawn Jackson (Jan 19)
- Re: Windows Remote Desktop erisk (Jan 20)
- Terminal Services Hardening >> was >> Re: Windows Remote Desktop jamesworld (Jan 20)
- RE: Windows Remote Desktop P Cannon (Jan 20)
- Re: Windows Remote Desktop erisk (Jan 20)
- RE: Windows Remote Desktop Depp, Dennis M. (Jan 19)
- RE: Windows Remote Desktop Depp, Dennis M. (Jan 20)
- RE: Windows Remote Desktop Shawn Jackson (Jan 20)