Educause Security Discussion mailing list archives

Re: Remote Access Policies - VPN vs Desktop Access


From: Vik Solem <vik.solem () TUFTS EDU>
Date: Thu, 25 Mar 2010 14:45:05 -0400

On Mar 25, 2010, at 13:39 , Flynn, Gary wrote:
Do you place any restrictions on remote access to desktops if they're coming through your VPN? For example, Windows Remote Desktop, VNC, PC Anywhere, SSH, X Windows, etc.? Or perhaps not through your VPN (GoToMyPC.com, LogMeIn.com, etc.)? (Am I missing any major ones?)

Following a particularly rough attack which used RDP (TCP/3389) as a
control channel, we put a rule at the border which stops all TCP/3389
inbound.  (I'm not sure if the dorms are included, but I think they
might be.)

This forces people to use the VPN for access to things that use RDP on
port TCP/3389.  This doesn't prevent people from using non-standard
ports, but it does protect most of the people who use RDP daily.

-Vik

Vik Solem
Sr. Applications Risk Consultant
Information Security
Tufts University UIT / 617-627-4326

Check Out the UIT Information Security Team blog
http://blogs.uit.tufts.edu/infosecteamblog/
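
The caveat in the reply above, that a rule on TCP/3389 does not cover RDP moved to another port, can be monitored by matching the first message of the RDP handshake instead of the port number. This is an added example, not part of the original post: it assumes a sensor that hands over the complete first client payload of each inbound TCP flow, and the flow records, field names and helper names are constructed.

```python
import struct

RDP_PORT = 3389  # the port blocked inbound at the border in the post

def is_rdp_connection_request(payload: bytes) -> bool:
    """True if payload is a TPKT-framed X.224 Connection Request,
    the first message an RDP client sends on a new TCP connection."""
    if len(payload) < 11:                        # 4 TPKT + 7 fixed X.224 bytes
        return False
    version, reserved, tpkt_len = struct.unpack(">BBH", payload[:4])
    if version != 3 or reserved != 0 or tpkt_len != len(payload):
        return False
    length_indicator, tpdu_code = payload[4], payload[5]
    if length_indicator != tpkt_len - 5:         # LI counts the bytes after itself
        return False
    if tpdu_code & 0xF0 != 0xE0:                 # 0xE0 = Connection Request
        return False
    # DST-REF is zero and the class option is 0 in an RDP connection request.
    return payload[6:8] == b"\x00\x00" and payload[10] == 0

def rdp_on_other_ports(flows):
    """Return flows that speak RDP on a port the port-based rule does not cover."""
    return [f for f in flows
            if f["dst_port"] != RDP_PORT
            and is_rdp_connection_request(f["first_payload"])]

def build_tpdu(code: int, variable: bytes = b"") -> bytes:
    """Construct sample TPKT/X.224 bytes for the demo flows below."""
    x224 = bytes([6 + len(variable), code]) + b"\x00" * 5 + variable
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

# Constructed sample flows (documentation addresses, hypothetical field names).
NEG_REQ = bytes.fromhex("0100080003000000")      # RDP_NEG_REQ: TLS or CredSSP
SAMPLE_FLOWS = [
    {"src": "203.0.113.10", "dst_port": 3389, "first_payload": build_tpdu(0xE0, NEG_REQ)},
    {"src": "203.0.113.11", "dst_port": 8443,
     "first_payload": build_tpdu(0xE0, b"Cookie: mstshash=demo\r\n" + NEG_REQ)},
    {"src": "203.0.113.12", "dst_port": 443, "first_payload": b"\x16\x03\x01\x00\x05hello"},
    {"src": "203.0.113.13", "dst_port": 22, "first_payload": b"SSH-2.0-OpenSSH_5.3\r\n"},
    {"src": "203.0.113.14", "dst_port": 8080, "first_payload": build_tpdu(0xF0)},
]

if __name__ == "__main__":
    for flow in rdp_on_other_ports(SAMPLE_FLOWS):
        print(f"RDP handshake on port {flow['dst_port']} from {flow['src']}")
```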
