Terminal Server [auditing/securing and analyzing]

Posted on 2004-11-02
Medium Priority
Last Modified: 2013-12-04
Hi allz,

I want to know if it's okay to setup a TERMINAL SERVER on WEB SERVER ?
also how can I check for the security issues related to TERMINAL SERVER ?
and what are the do's and don'ts for installing TERMINAL SERVER ?
and what are the chances of compromising of a TERMINAL SERVER ?
and other information / security audit tools concerning MS TERMINAL SERVICES......

Thanks in advance
p.s: don't suggest alternative
Question by:imnajam
LVL 20

Accepted Solution

Zaheer Iqbal earned 600 total points
ID: 12471327
LVL 58

Assisted Solution

by:Pete Long
Pete Long earned 1000 total points
ID: 12471465
OK yes of course you can set up TS on a web server you need to have a server runninf IIS 5 (or 6)

then install TSWebsetup.exe on it (if your runnig IIS5 it will automatically run the IIS lockdown tool - but it will not affect your current website)
once its installed it will create a sub folder in your inetpub/wwwroot folder called tsweb

download from

you can then access the TSweb connection via http://yourwebaddress/tsweb/

NOTE for it to work you need port 80 TCP inbound open AND port 3389 inbound open (or forwarded depending on your network)

your clinet connects over port 80 (web) to the URL then downloads an activeX applet that connects to the TS server (so the client needs to have activeX enables or the URL needs to be trusted)

Assisted Solution

riotz earned 400 total points
ID: 12514657
well there is nothing to worry about your terminal server.
there are no knows bugs for terminal services yet.. so the only way on compromissing it would be a verry time expensive brute force attack on the logins.. which would be waste if you have a good password policy on that server.

the only thing i would worry about is the webserver ;)
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

LVL 58

Expert Comment

by:Pete Long
ID: 12657203

Author Comment

ID: 12657927
You welcome! and thanks for participating and giving your comments in the question:)
LVL 20

Expert Comment

by:Zaheer Iqbal
ID: 12662756
ThanQ ;)

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…
If you are looking for an automated solution for backup single or multiple Office 365 user mailboxes to Outlook data file, then you can use Kernel Office 365 Backup & Restore tool. Go through the video to check out the steps to backup single or mult…

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question