Solved

Server 2003 firewall setting to allow rdp connect only

Posted on 2010-11-24
Last Modified: 2012-05-10
What is the most secure firewall setting to allow only terminal service connection via rdp for a server 2003 running terminal services for 20 users?

What additional firewall device or software would assure secure connection and stop hack attacks via ncrack or other hacking methods?
Question by:am5240
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 34204903
Hello,

Juniper firewall is the best external firewall device. This will secure your network.

This may help you.

http://www.juniper.net/us/en/products-services/security/

http://support.microsoft.com/kb/925876


Regards,
Tushar Kaskhedikar
0
 

Author Comment

by:am5240
ID: 34205472
Are there any specific security features to enable or disable in the Server 2003 built-in Windows Firewall which will reduce the probability of a hacker gaining access to the server via RDP or other networking protocols?
0
 
LVL 5

Accepted Solution

by:
rotech_IT earned 500 total points
ID: 34209375
I prefer Sonicwall for hardware firewalls.  I use 3 of these in a production environment and have always had great things to say about them.  The Sonicwall NSA2400 is a great device and relatively speaking, easy to use.

www.sonicwall.com

As far as Windows Firewall, if you only want to allow RDP traffic make an exception for TCP port 3389.  Here's a good, basic read on some security considerations for terminal server 2003.  It should give you some ideas on how to better secure your environment and point you in the right direction:

http://www.virtualizationadmin.com/articles-tutorials/terminal-services/security/securing-windows-terminal-services.html


0
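The TCP 3389 exception described in the accepted answer can also be set from the command line. This is an added example, not part of rotech_IT's answer; it assumes Server 2003 SP1 or later (where the `netsh firewall` context exists), and the source addresses are constructed placeholders.

```batch
@echo off
rem Added example, not from the thread. Assumes Windows Server 2003 SP1 or later.
rem ALLOWED_SRC holds constructed placeholder addresses (documentation ranges).
rem Replace it with the addresses your RDP users really connect from.
set ALLOWED_SRC=192.0.2.10,198.51.100.0/24

rem Caveat: if you run this over RDP from an address that is not in
rem ALLOWED_SRC, the session is cut off. Run it from the console.

rem Turn Windows Firewall on for every profile and permit exceptions.
netsh firewall set opmode mode=ENABLE exceptions=ENABLE profile=ALL

rem Close the predefined exceptions that a terminal server does not need.
netsh firewall set service type=FILEANDPRINT mode=DISABLE profile=ALL
netsh firewall set service type=REMOTEADMIN mode=DISABLE profile=ALL
netsh firewall set service type=UPNP mode=DISABLE profile=ALL

rem Weak form, shown for comparison only: 3389 reachable from any address.
rem   netsh firewall set portopening protocol=TCP port=3389 name="RDP" mode=ENABLE scope=ALL

rem Scoped form: 3389 reachable only from the listed source addresses.
netsh firewall set portopening protocol=TCP port=3389 name="RDP" mode=ENABLE scope=CUSTOM addresses=%ALLOWED_SRC% profile=ALL

rem Log dropped packets and accepted connections so that repeated
rem attempts against 3389 show up in the firewall log.
netsh firewall set logging filelocation=%windir%\pfirewall.log maxfilesize=4096 droppedpackets=ENABLE connections=ENABLE

rem Review the result: overall state, open ports, and program exceptions
rem that may still be listening alongside RDP.
netsh firewall show state
netsh firewall show portopening
netsh firewall show allowedprogram
```

Any program exception still listed by the last command is open in addition to port 3389 and has to be removed separately if RDP is meant to be the only inbound service.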
 

Author Comment

by:am5240
ID: 34209889
rotech IT,
I appreciate the link to the article on securing windows ts. My server is configured as the article suggests, so that is important to know that I have the basics on my server correctly setup.

I will investigate the firewall options. I am looking for reliable security at a reasonable cost.
CISCO 5505 seems to be a less costly hardware option.
0
 
LVL 5

Expert Comment

by:rotech_IT
ID: 34210020
Great to hear that am5240.  Sounds like you're on the right track.

You can always go with a Sonicwall Pro 3060.  It's a generation behind the NSA devices.  Just be sure you get it with SonicOS Enhanced.  The basic OS is still good, but not as robust as far as features.

I run a couple 3060's configured for hardware failover in a production environment.  Does a great job.  You can grab them on ebay for fairly cheap.  I also think Sonicwall still sells them new.
0
