I've been debating the safety of Terminal Services with a couple of other IT professionals and I'd like to see if we can reach a consensus. Here are the facts of a typical situation:
1. Small network with just one file server.
2. Windows 2003 Server or Windows 2003 Small Business Server.
3. Netgear or Linksys router with a cable modem attached.
4. Static IP address is assigned to the router or they are using DYNDNS.ORG
5. Router has port 3389 forwarding to the internal LAN address of the server.
6. The administrator account has permission to log in remotely via Terminal Services (RDP) as either a normal user or with the /console switch to gain console access.
7. Assume strong passwords are enforced on the server.
The issue of debate is: How risky is this scenario?
I'd love to get as many opinions as I can.