Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Remote Access to Staff Desktops

From: Robin Polak <robin.polak () GMAIL COM>
Date: Wed, 18 Feb 2009 10:38:59 -0500
When we receive requests for remote access to a desktop PC we grant access
to our PopTop VPN server via LDAP attribute, static lease there desktop via
our DHCP server, and enable Remote Desktop on there PC.

On Wed, Feb 18, 2009 at 10:14, Mark Monroe <markm196 () netscape net> wrote:


We allow it only through VPN. For Users who say they need ssh open without
vpn, they can have it open only if they implement technology on their box
that will blacklist  any ip  address after  3 failed attempts and any ip
address that  tries to use root. I have not opened any yet outside systems
run by core IT staff. I guess they didn't really need it.

Mark Monroe



Gary Flynn wrote:


Tim Lane wrote:

 We are receiving an increasing number of requests from staff to remotely

access their desktops, for a variety of reasons.
 I would be interested in hearing if any other Universities allow this,
and if so how you are providing secure access, or if you have any
thoughts/comments on the matter.



When someone requests exposure of a remote control or shell service
( e.g. RDP, VNC, SSH, telnet ) we will grant it but only after
recommending they use our VPN instead.







--
Robin Polak
E-Mail: robin.polak () gmail com
V. 917-494-2080
Previous By Date Next
Previous By Thread Next

Current thread: