Solved

Server 2003 firewall setting to allow rdp connect only

Posted on 2010-11-24
Last Modified: 2012-05-10
What is the most secure firewall setting to allow only terminal service connection via rdp for a server 2003 running terminal services for 20 users?

What additional firewall device or software would assure secure connection and stop hack attacks via ncrack or other hacking methods?
Question by:am5240
5 Comments
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 34204903
Hello,

Juniper firewall is the best external firewall device. This will secure your network.

This may help you.

http://www.juniper.net/us/en/products-services/security/

http://support.microsoft.com/kb/925876


Regards,
Tushar Kaskhedikar
0
 

Author Comment

by:am5240
ID: 34205472
Are there any specific security features to enable or disable in the Server 2003 Built In Windows Firewall which will reduce the probability of a hacker gaining access to the server via RDP or other networking protocols?
0
 
LVL 5

Accepted Solution

by:
rotech_IT earned 500 total points
ID: 34209375
I prefer Sonicwall for hardware firewalls.  I use 3 of these in a production environment and have always had great things to say about them.  The Sonicwall NSA2400 is a great device and relatively speaking, easy to use.

www.sonicwall.com

As far as Windows Firewall, if you only want to allow RDP traffic make an exception for TCP port 3389.  Here's a good, basic read on some security considerations for terminal server 2003.  It should give you some ideas on how to better secure your environment and point you in the right direction:

http://www.virtualizationadmin.com/articles-tutorials/terminal-services/security/securing-windows-terminal-services.html


0
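The RDP-only exception described in the accepted answer, written out as `netsh firewall` commands (an added example, not part of the original thread). It goes one step further than the answer by limiting the exception to a source range. It assumes Server 2003 with Service Pack 1 or later, where the `netsh firewall` context is available, and `ADMIN_NET` is a placeholder range to replace with your own client addresses.

```batch
@echo off
rem Added example: limit the built-in Windows Firewall to RDP only.
rem Assumption: Server 2003 SP1 or later. ADMIN_NET is a placeholder
rem (documentation range); replace it with the range your users connect from.
rem Run this from the console, or make sure your own address is inside
rem ADMIN_NET, because the rules take effect immediately.
set ADMIN_NET=203.0.113.0/24

rem Turn the firewall on for all profiles. Exceptions stay enabled,
rem because exceptions=DISABLE would block RDP as well.
netsh firewall set opmode mode=ENABLE exceptions=ENABLE profile=ALL

rem Switch off the other predefined exceptions (assumes the server has
rem no file-sharing or remote-administration role that needs them).
netsh firewall set service type=FILEANDPRINT mode=DISABLE profile=ALL
netsh firewall set service type=REMOTEADMIN mode=DISABLE profile=ALL
netsh firewall set service type=UPNP mode=DISABLE profile=ALL

rem Weak form, shown for comparison only: TCP 3389 reachable from any address.
rem netsh firewall set service type=REMOTEDESKTOP mode=ENABLE scope=ALL profile=ALL

rem Scoped form: the Remote Desktop exception (TCP 3389) accepts
rem connections only from ADMIN_NET.
netsh firewall set service type=REMOTEDESKTOP mode=ENABLE scope=CUSTOM addresses=%ADMIN_NET% profile=ALL

rem Log dropped packets and accepted connections so that repeated
rem connection attempts show up in the firewall log.
netsh firewall set logging droppedpackets=ENABLE connections=ENABLE

rem Review the result. Any port openings that were added by hand
rem earlier still appear here and need to be removed separately.
netsh firewall show state
netsh firewall show service
netsh firewall show portopening
```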
 

Author Comment

by:am5240
ID: 34209889
rotech IT,
I appreciate the link to the article on securing windows ts. My server is configured as the article suggests, so that is important to know that I have the basics on my server correctly set up.

I will investigate the firewall options. I am looking for reliable security at a reasonable cost.
CISCO  5505 seems to be a less costly hardware option.
0
 
LVL 5

Expert Comment

by:rotech_IT
ID: 34210020
Great to hear that am5240.  Sounds like you're on the right track.

You can always go with a Sonicwall Pro 3060.  It's a generation behind the NSA devices.  Just be sure you get it with SonicOS Enhanced.  The basic OS is still good, but not as robust as far as features.

I run a couple 3060's configured for hardware failover in a production environment.  Does a great job.  You can grab them on ebay for fairly cheap.  I also think Sonicwall still sells them new.
0
