Re: terminal services

["R. DuFresne" <dufresne () sysinfo com>]

On Tue, 28 Jan 2003 natfirewall () netscape net wrote:

> Greetings,
>
> I am being asked to open port 3389 on our Corporate firewall and direct incoming traffic on that port to a specific 
> IP on our internal network.  Being the paranoid that I am, I do not want to do this but I need better 
> reasons/ammunition other than saying "it would be bad".  I am looking for pointers to information hopefully in 
> support of my fear of M$ security.  Also,  the more recent the information the better.


What's on that backend channel you are being asked to open port 3389 for?
You need to know what service you are opening up on that port to make an
informde decision.  So, you need to ask those running the server what
their need is for, what they are running there and trying to accomplish.

> Not being close minded,  I would also be interested in seeing any information which would make me feel warm and fuzzy 
> about opening the port. 

See above.  It's the feeling here you do not have enough information at
present to make an informed decision.

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards