Security Basics mailing list archives
RE: RDP Client for Windows
From: "Alex Pimperton" <alex () magdalenstreet co uk>
Date: Thu, 18 Dec 2003 14:21:41 -0000
AS I only have Windows 2003, I'm not sure If this can be done under windows 2000, but you need to apply a group policy to the terminal server. This document: http://download.microsoft.com/download/d/8/b/d8b21533-a5bf-4d46-8878-ebbf834 fc6f7/Win2003_Teminal_Server_Lockdown.doc Shows how to lock down terminal server, and the section your interested in is on page 7. " Computer Configuration\Administrative Templates\Windows Components\Terminal Services Client\Server data redirection . Do not allow drive redirection Recommended setting: Enabled By default, Terminal Server maps client drives automatically upon connection. It is recommended that you enable this policy to prevent users from having easy access to applications on their local computer." If you apply this to the terminal server, this should stop clients mapping their drives. There are also several other settings in the Terminal Services Client Section of Group Policy for locking local printers etc down. Thanks Alex
-----Original Message----- From: Chris Halverson [mailto:chris.halverson () encana com] Sent: 17 December 2003 18:28 To: security-basics () securityfocus com Subject: RDP Client for Windows We are currently requiring the use of Remote Desktop Connections for numerous users to access their office computers from home. The connections are running through a secure VPN tunnel and are working as designed, with one exception. We do not want users accessing there home hard drives through this method. With the RDP client by default the sharing of the home drives is unchecked, but is very easy to enable it and then users can transfer internal documents onto a home computer or allow Viruses from the home computer onto the Corporate Network. Any thoughts on how to rectify this? Group Policy is definately out of the question, we cannot push group policy to the users home PC's. -------------------------------------------------------------------------- - -------------------------------------------------------------------------- --
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RDP Client for Windows Chris Halverson (Dec 17)
- Re: RDP Client for Windows Grzegorz Cegielski (Dec 18)
- RE: RDP Client for Windows Alex Pimperton (Dec 18)
- RE: RDP Client for Windows Erick Grau (Dec 18)
- RE: RDP Client for Windows Erick Grau (Dec 18)
- Re: RDP Client for Windows Sasha (Dec 22)
- <Possible follow-ups>
- RE: RDP Client for Windows Depp, Dennis M. (Dec 18)
- RE: RDP Client for Windows Halverson, Chris (Dec 18)