PaulDotCom mailing list archives
Re: Secure Remote Connections
From: Bugbear <gbugbear () gmail com>
Date: Wed, 11 Aug 2010 20:04:19 -0400
What version of Windows, RDP client, term server, and domain do you have? RDP 6.X and above supports 128 bit SSL (while not perfect certainly better than earlier versions- See classic paper on older version here http://www.oxid.it/downloads/rdp-gbu.pdf ). You really should encrypt those laptops. Also an IPSEC tunnel would be better. Saving creds may be able to controlled via registry or GPO but without hardening the end point, meh Are these system hardened at all, services, patch mgmt, host firewall, etc... ? You mentioned you failed an audit. Audit for specific regulatory body? Or just internal? Just my 21/2 cents, I am sure others will have input 2 On Wed, Aug 11, 2010 at 2:28 PM, Tyler Robinson <pcimpressions () gmail com> wrote:
Alright so after failing a recent security audit which I knew we would I have a little bit of fire to allow me to make some corp changes one of them being remote devices and policy. Currently there are mobile devices unencrypted, and with cheesy passwords out on the road using unsecured RDP to connect back to our terminal server to use apps, My question is what is going to be an easy to roll out solution to make this situation secure I worry that one of these devices will get stolen or sniffed and the terminal server is on the LAN with the rest of everything , it’s a flat domain… so> how to I allow remote connections securely without allowing them to save there stupid RDP Connection credentials(set to autologin) on an unpassworded desktop. Any ideas or suggestions I have one year to plan, implement and change this broken system, over about 10 corps all releated and setup the same…. Thanks as always to everyone, TR _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Secure Remote Connections Tyler Robinson (Aug 11)
- Re: Secure Remote Connections Bugbear (Aug 12)
- Re: Secure Remote Connections Chris Blazek (Aug 12)
- Re: Secure Remote Connections Craig Freyman (Aug 12)
- Re: Secure Remote Connections Jack Daniel (Aug 12)
- Re: Secure Remote Connections Jody & Jennifer McCluggage (Aug 13)
- Re: Secure Remote Connections Tyler Robinson (Aug 13)
- Re: Secure Remote Connections Chris Keladis (Aug 14)
- Re: Secure Remote Connections Jody & Jennifer McCluggage (Aug 13)
- Re: Secure Remote Connections Matt Nelson (Aug 13)