[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

server 2008 and TSWEB access and making it secure

Posted on 2011-02-11
4
Medium Priority
?
290 Views
Last Modified: 2012-05-11
Hi there,
My users work on TSWEB Access on one of my server 2008 carrying a couple of databases.  They simply go to 'http://server.domainname.com' and logon and work.  Recently I have found too many log on attemts made with fake usernames and pass via the security event 4625.  I further found that anybody can directly remote into the server via external IP.  
Does remote desktop and TSWebaccess go hand in hand?  How can I disable so that fake users will not be able to put the external IP in the direct remote desktop and try to connect to this server, but my domain users still should be able to see my TSwebaccess site at :
http://server.domainname.com'
Help
0
Comment
Question by:amanzoor
3 Comments
 
LVL 74

Accepted Solution

by:
Glen Knight earned 2000 total points
ID: 34881596
>>Does remote desktop and TSWebaccess
Yes and no.  There is the gateway service that uses port 443 rather than 3389, but then this would connect to the Remote Desktop Services via 3389 on behalf of the client.

Sadly, unless all of your clients connect from specific IP addresses there is no way to block which IP's connect because your users could connect from random IP addresses.
0
 
LVL 4

Author Comment

by:amanzoor
ID: 34885075
THanks Demazter:
Please tell me one thing, once the user type in http://server.mydomain.com, the very first window pops in which is windows security which asks for username and password (which program is sending in this window?  Is it IIS or something else?)  secondly once the user logs in via this window the user sees my TS Web ACCESS page with applications on it, once the user clicks on once of the apps another windows pops up asking for username and pass(this time is it the terminal server asking for authentication? or IIS?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35205126
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
Experts Exchange expands question security options for members.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question