Security Basics mailing list archives

RE: RDP Client for Windows

From: "Alex Pimperton" <alex () magdalenstreet co uk>
Date: Thu, 18 Dec 2003 14:21:41 -0000

AS I only have Windows 2003, I'm not sure If this can be done under windows
2000, but you need to apply a group policy to the terminal server.

This document:

 
http://download.microsoft.com/download/d/8/b/d8b21533-a5bf-4d46-8878-ebbf834
fc6f7/Win2003_Teminal_Server_Lockdown.doc 

Shows how to lock down terminal server, and the section your interested in
is on page 7.

" Computer Configuration\Administrative Templates\Windows
Components\Terminal Services Client\Server data redirection

.       Do not allow drive redirection

        Recommended setting: Enabled
        By default, Terminal Server maps client drives automatically upon
connection. It is recommended that you enable this policy to prevent
users from having easy access to applications on their local    computer."

If you apply this to the terminal server, this should stop clients mapping
their drives. There are also several other settings in the Terminal Services
Client Section of Group Policy for locking local printers etc down.

Thanks

Alex

-----Original Message-----
From: Chris Halverson [mailto:chris.halverson () encana com]
Sent: 17 December 2003 18:28
To: security-basics () securityfocus com
Subject: RDP Client for Windows

We are currently requiring the use of Remote Desktop Connections for
numerous users to access their office computers from home.  The
connections are running through a secure VPN tunnel and are working as
designed, with one exception.  We do not want users accessing there home
hard drives through this method.  With the RDP client by default the
sharing of the home drives is unchecked, but is very easy to enable it and
then users can transfer internal documents onto a home computer or allow
Viruses from the home computer onto the Corporate Network.

Any thoughts on how to rectify this?

Group Policy is definately out of the question, we cannot push group
policy to the users home PC's.

--------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--




---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

RDP Client for Windows Chris Halverson (Dec 17)
- Re: RDP Client for Windows Grzegorz Cegielski (Dec 18)
- RE: RDP Client for Windows Alex Pimperton (Dec 18)
- RE: RDP Client for Windows Erick Grau (Dec 18)
- RE: RDP Client for Windows Erick Grau (Dec 18)
- Re: RDP Client for Windows Sasha (Dec 22)
- <Possible follow-ups>
- RE: RDP Client for Windows Depp, Dennis M. (Dec 18)
- RE: RDP Client for Windows Halverson, Chris (Dec 18)