Security Basics mailing list archives
Re: remote desktop question
From: Austin Murkland <amurkland () merydion com>
Date: Fri, 21 Oct 2005 16:53:48 -0700
make sure nothing but what's essential is running, use microsoft baseline security analyzer to give you a basic idea of how secure the MS sides of things are, make sure it's patched as fully as possible, run iis lockdown if you plan to have or not to have iis services on the computer. i believe xp pro limits you to a max of 2 users without additional terminal services licenses (if you can even purchase more..) only have port 3899 open (RDP) if you can get away with it. Log all in/out connections, and Log all traffic attempting to hit the box. Only give out a user account with limited access and a difficult to guess/bruteforce password. You might even want to setup a time based policy on your firewall to allow access only during off hours (or when the RDP traffic is likely to occur). Make sure you have auditing for logons/invalid logons turned on so attempts, etc..show up in the system log...hmm i think that's a good start.
anyone else? Austin Murkland cc wrote:
Dear All, The company I work with recently required a remote desktop access and to keep the budget down, I used a XP Pro system to receive only one Remote Desktop user. Since this requires the opening up of a port on the firewall, I'm quite concerned. I have limited the system to only one or two users who can log on. Since this is my initial foray into the remote desktop client (in the past, we used PCAnywhere, but it's getting more and more expensive(hard to justify purchasing a license for each system). In what ways can I protect the remote desktop system from being broken into? (Well, aside from shutting it down.) Any pointers appreciated. Edmund
Current thread:
- remote desktop question cc (Oct 21)
- RE: remote desktop question Richard Parry (Oct 24)
- Re: remote desktop question Alloishus BeauMains (Oct 24)
- Re: remote desktop question Alejandro Flores (Oct 24)
- RE: remote desktop question List Account (Oct 24)
- Re: remote desktop question Peter Koinnage (Oct 24)
- Re: remote desktop question Austin Murkland (Oct 24)
- Re: remote desktop question tkrin (Oct 24)
- Re: remote desktop question Netops (Oct 31)
- <Possible follow-ups>
- RE: remote desktop question Keith Bucknall (Oct 24)
- RE: remote desktop question Mike Harlan (Oct 24)
- RE: remote desktop question Jeff Gercken (Oct 24)
- Re: remote desktop question Micheal Espinola Jr (Oct 25)