Security Basics mailing list archives
AW: Remote desktop access policy
From: "Johannes Lemmerer" <jlemmerer () node at>
Date: Fri, 18 Jan 2008 21:43:27 +0100
Have you ever thought about a terminal server solution. We at my company used RSA SecurID to connect to a terminal server that enabled an RDP connection, or to a published desktop where they could read their mails and work online while saving the data to the companies network shares. When setting a citrix timeout you also have to worry less about careless users leaving their desktop open to the public, because there is no VPN connection to the company and the citrix app locks itself after a given amount of time. Would this solution be viable to you? -- johannes -----Ursprüngliche Nachricht----- Von: listbounce () securityfocus com [mailto:listbounce () securityfocus com] Im Auftrag von Petter Bruland Gesendet: Freitag, 18. Jänner 2008 17:00 An: WALI; security-basics () securityfocus com Betreff: RE: Remote desktop access policy We have about 10 users here who remote into their desktops via RDC over VPN. And we only allow users who have home office computers/laptops owned by the company, to connect via VPN. Between the VPN network and the LAN, there's gateway antivirus scanning & spyware scanning. So far this seems to work well, but I'd like to take advantage of Windows Server 2008's NAC feature when that comes out. As we would gain even more control of the end client. Like checking for a client Antivirus app etc. Hopefully we'll see some of the more l33t admins respond to your post, with some good info about security in this situation. -Petter -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of WALI Sent: Friday, January 18, 2008 5:33 AM To: security-basics () securityfocus com Subject: Remote desktop access policy Hi guys...do you have any remote desktop policy clauses that you can share? I am having difficulties in trying to tell people the hazards of haphazardly asking IT guys the perils of asking access to their desktops when the come in via VPN. Everyone wants to have a VPN client and then to a remote desktop session to their desktop. How can I tell them the threats of doing so? Are there any threats? Should I restrict such usage? For one, it makes a lot of economic sense to switch off PC once a user leaves his/her desk for the day.
Current thread:
- Analyzing Suspicious Attachment Al Cooper (Jan 17)
- Re: Analyzing Suspicious Attachment Albert R. Campa (Jan 17)
- RE: Analyzing Suspicious Attachment Brett Kennedy (Jan 17)
- Remote desktop access policy WALI (Jan 18)
- RE: Remote desktop access policy Petter Bruland (Jan 18)
- AW: Remote desktop access policy Johannes Lemmerer (Jan 18)
- Re: Remote desktop access policy Josh Haft (Jan 18)
- Re: Remote desktop access policy The Security Community (Jan 18)
- Re: Remote desktop access policy Kurt Buff (Jan 19)
- Re: Remote desktop access policy WALI (Jan 21)
- Re: Remote desktop access policy Kurt Buff (Jan 21)
- RE: Analyzing Suspicious Attachment Brett Kennedy (Jan 17)
- Re: Analyzing Suspicious Attachment Albert R. Campa (Jan 17)
- Re: Remote desktop access policy Gleb Paharenko (Jan 18)
- Re: Remote desktop access policy Kurt Buff (Jan 19)
- Re: Analyzing Suspicious Attachment brian . bevers (Jan 17)