Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Remote desktop

Posted on 2004-08-10
3
Medium Priority
?
253 Views
Last Modified: 2010-04-08
Hello, i have a question regarding remote desktop and security.

Is setting up a server for remote desktop connections over the internett a smart thing to do when the company has lots of
business secrets? Is it smart in any case? How easy would it be for a hacker to get into the system?

Dont know if this is the right forum ....

thanks

0
Comment
Question by:daxa78
3 Comments
 
LVL 15

Accepted Solution

by:
Yan_west earned 1000 total points
ID: 11762849
I would not expose terminal services directly on the internet, that is not a good thing to do. An open port directing itself automaticly to a machine awaiting authentication should not be done.

I would put it inside the firewall, and the client  would have to log in the network using VPN first. After using remote desktop would be ok
0
 
LVL 36

Expert Comment

by:grblades
ID: 11765777
Hi daxa78,
I agree with Yan_West that it would be a bad idea. I would only consider doing it if I only permitted specific IP addresses.
Something like a PIX 501 is quite cheap. If you want something that is free but a little complicated to setup on windows clients then you could connect to an internal Linux machine via SSH and use tunneling to connect to the terminal server.
0
 
LVL 3

Expert Comment

by:yokel
ID: 11767791
All good advice. Also what exactly do you want to achieve?
For instance allowing encrytpted and authenticated access is obviously an absolute must, especially if the internal server contains senstive company information.
Therefore only allow access from certain IP addresses.
Encrypt the connection
Authenticate the session (passwords and/or certificates)

Also consider putting the server onto a DMZ by itself. Then if the server is compromised (either by a trusted user, or someone who has hacked on), they still do not have access to your internal LAN. Remember if this server is on your trusted LAN then anyone with terminal access to the server has complete access to your LAN with no firewall protection (as they will be logged onto a machine behind your network).
0

Featured Post

WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question