Re: RDP into a PC

["Sam Stern" <samstern () samstern net>]

> -----Original Message-----
> From: firewall-wizards-bounces () listserv icsalabs com 
> [mailto:firewall-wizards-bounces () listserv icsalabs com] On 
> Behalf Of Julian M D

> Yes, this is the corect port forwarding!
> Check the spelling on cisco(config)#Acces-group out-to-in in 
> interfae outside
>
> Julian Dragut
>
> On 5/19/06, Ratna Thurairatnam <ratna1504 () yahoo com> wrote:
> >  Hi All,
> >  I am new to pix and need your help please
> >
> >  pix has few other access-list
> >  i want to open a port 8080 so that a user can rdp into his 
> PC using the format publicip:8080
> >  ill it work If i do these,?
> >
> >  cisco(config)#Static (inside,outside) tcp interface 8080 
> 10.0.0.253 3389 netmask 255.255.255.255 0 0
> >  cisco(config)#Access-list out-to-in permit tcp any 
> interface outside eq 8080
> >  cisco(config)#Acces-group out-to-in in interfae outside
> >
> >  your help would be appreciated.
> >  Thank you in advance

Hi All,

I'm a little concerned by your choice of ports. Port 8080 has one of the
highest instances of malicious traffic -- everything from attempts to abuse
the proxy server(s) that use that port to proxy related DoS attempts. You
will be forwarding this "bad" traffic into the user's PC as well. While it's
unlikely that such traffic will ever remotely compromise the Remote Desktop
system, such traffic could still cause unneeded problems. At best, this will
generate unneeded security events and may sap some bandwidth from the remote
desktop connection and at worst you may inadvertently DoS that PC. I would
suggest that you select another, less abused, port for this rule.


Respectfully,

Sam Stern
Grand Island, New York, USA

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards