Solved

Terminal Server [auditing/securing and analyzing]

Posted on 2004-11-02
252 Views
Last Modified: 2013-12-04
Hi allz,

I want to know if it's okay to setup a TERMINAL SERVER on WEB SERVER ?
also how can I check for the security issues related to TERMINAL SERVER ?
and what are the do's and don'ts for installing TERMINAL SERVER ?
and what are the chances of compromising of a TERMINAL SERVER ?
and other information / security audit tools concerning MS TERMINAL SERVICES......

Thanks in advance
p.s: don't suggest alternative
0
Question by:imnajam
    6 Comments
     
    LVL 19

    Accepted Solution

    by:
    0
     
    LVL 57

    Assisted Solution

    by:PeteLong
    OK yes of course you can set up TS on a web server you need to have a server runninf IIS 5 (or 6)

    then install TSWebsetup.exe on it (if your runnig IIS5 it will automatically run the IIS lockdown tool - but it will not affect your current website)
    once its installed it will create a sub folder in your inetpub/wwwroot folder called tsweb

    download from
    http://www.microsoft.com/downloads/details.aspx?familyid=e2ff8fb5-97ff-47bc-bacc-92283b52b310&displaylang=en

    you can then access the TSweb connection via http://yourwebaddress/tsweb/

    NOTE for it to work you need port 80 TCP inbound open AND port 3389 inbound open (or forwarded depending on your network)

    your clinet connects over port 80 (web) to the URL then downloads an activeX applet that connects to the TS server (so the client needs to have activeX enables or the URL needs to be trusted)
    0
     
    LVL 4

    Assisted Solution

    by:riotz
    well there is nothing to worry about your terminal server.
    there are no knows bugs for terminal services yet.. so the only way on compromissing it would be a verry time expensive brute force attack on the logins.. which would be waste if you have a good password policy on that server.

    the only thing i would worry about is the webserver ;)
    0
     
    LVL 57

    Expert Comment

    by:PeteLong
    ThanQ
    0
     
    LVL 9

    Author Comment

    by:imnajam
    You welcome! and thanks for participating and giving your comments in the question:)
    0
     
    LVL 19

    Expert Comment

    by:1stITMAN
    ThanQ ;)
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
    Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now