Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Terminal Server [auditing/securing and analyzing]

Posted on 2004-11-02
6
Medium Priority
?
255 Views
Last Modified: 2013-12-04
Hi allz,

I want to know if it's okay to setup a TERMINAL SERVER on WEB SERVER ?
also how can I check for the security issues related to TERMINAL SERVER ?
and what are the do's and don'ts for installing TERMINAL SERVER ?
and what are the chances of compromising of a TERMINAL SERVER ?
and other information / security audit tools concerning MS TERMINAL SERVICES......

Thanks in advance
p.s: don't suggest alternative
0
Comment
Question by:imnajam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 19

Accepted Solution

by:
Zaheer Iqbal earned 600 total points
ID: 12471327
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 1000 total points
ID: 12471465
OK yes of course you can set up TS on a web server you need to have a server runninf IIS 5 (or 6)

then install TSWebsetup.exe on it (if your runnig IIS5 it will automatically run the IIS lockdown tool - but it will not affect your current website)
once its installed it will create a sub folder in your inetpub/wwwroot folder called tsweb

download from
http://www.microsoft.com/downloads/details.aspx?familyid=e2ff8fb5-97ff-47bc-bacc-92283b52b310&displaylang=en

you can then access the TSweb connection via http://yourwebaddress/tsweb/

NOTE for it to work you need port 80 TCP inbound open AND port 3389 inbound open (or forwarded depending on your network)

your clinet connects over port 80 (web) to the URL then downloads an activeX applet that connects to the TS server (so the client needs to have activeX enables or the URL needs to be trusted)
0
 
LVL 4

Assisted Solution

by:riotz
riotz earned 400 total points
ID: 12514657
well there is nothing to worry about your terminal server.
there are no knows bugs for terminal services yet.. so the only way on compromissing it would be a verry time expensive brute force attack on the logins.. which would be waste if you have a good password policy on that server.

the only thing i would worry about is the webserver ;)
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 57

Expert Comment

by:Pete Long
ID: 12657203
ThanQ
0
 
LVL 9

Author Comment

by:imnajam
ID: 12657927
You welcome! and thanks for participating and giving your comments in the question:)
0
 
LVL 19

Expert Comment

by:Zaheer Iqbal
ID: 12662756
ThanQ ;)
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question