Re: Secure Remote Connections

["Matt Nelson" <mattnels () gmail com>]

TR,
 
You could easily use a pFsense firewall for OpenVPN or an IPSEC tunnel.
(You can use the Shrewsoft IPSEC client)     If you really have your heart
set on using RDP, you'll want to utilize the SSL like Bugbear mentioned, but
you'll have to set up certs for that.
 
 
From: pauldotcom-bounces () mail pauldotcom com
[mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of Tyler Robinson
Sent: Wednesday, August 11, 2010 1:29 PM
To: PaulDotCom Security Weekly Mailing List
Subject: [Pauldotcom] Secure Remote Connections
 
Alright so after failing a recent security audit which I knew we would I
have a little bit of fire to allow me to make some corp changes one of them
being remote devices and policy. Currently there are mobile devices
unencrypted, and with cheesy passwords out on the road using unsecured RDP
to connect back to our terminal server to use apps, My question is what is
going to be an easy to roll out solution to make this situation secure I
worry that one of these devices will get stolen or sniffed and the terminal
server is on the LAN with the rest of everything , it's a flat domain. so
how to I allow remote connections securely without allowing them to save
there stupid RDP Connection credentials(set to autologin) on an unpassworded
desktop. Any ideas or suggestions I have one year to plan, implement and
change this broken system, over about 10 corps all releated and setup the
same..
Thanks as always to everyone,
TR

Attachment: PGP.sig
Description:

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com