Solved

server 2008 and TSWEB access and making it secure

Posted on 2011-02-11
4
284 Views
Last Modified: 2012-05-11
Hi there,
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases.  They simply go to 'http://server.domainname.com' and logon and work.  Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625.  I further found that anybody can directly remote into the server via external IP.  
Does remote desktop and TSWebaccess go hand in hand?  How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
0
Comment
Question by:amanzoor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 34881596
>>Does remote desktop and TSWebaccess
Yes and no.  There is the gateway service that uses port 443 rather than 3389, but then this would connect to the Remote Desktop Services via 3389 on behalf of the client.

Sadly, unless all of your clients connect from specific IP addresses there is no way to block which IP's connect because your users could connect from random IP addresses.
0
 
LVL 4

Author Comment

by:amanzoor
ID: 34885075
THanks Demazter:
Please tell me one thing, once the user type in http://server.mydomain.com, the very first window pops in which is windows security which asks for username and password (which program is sending in this window?  Is it IIS or something else?)  secondly once the user logs in via this window the user sees my TS Web ACCESS page with applications on it, once the user clicks on once of the apps another windows pops up asking for username and pass(this time is it the terminal server asking for authentication? or IIS?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35205126
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question