Stephans2
asked on
question on Remote Desktop Services Security
Question about Remote Desktop Security. Please read it carefully before answering quick and half answers. Thank you.
1. When you have a Server 2008 R2 (standard installation) with Remote Desktop enabled, what is the security risk of making it publically accessible over the internet? Should you never do that or is the security risk limited? I know there have been removed a lot of vulnerabilities in the RDP protocol but I'm not sure what the status is today.
2. If you DO enable it are there any special things you should pay attention to?
4. Is it more advisable to only make the RDweb interface publically available or is that imposing the same security risk?
Thanks for any help in advance.
1. When you have a Server 2008 R2 (standard installation) with Remote Desktop enabled, what is the security risk of making it publically accessible over the internet? Should you never do that or is the security risk limited? I know there have been removed a lot of vulnerabilities in the RDP protocol but I'm not sure what the status is today.
2. If you DO enable it are there any special things you should pay attention to?
4. Is it more advisable to only make the RDweb interface publically available or is that imposing the same security risk?
Thanks for any help in advance.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you Lester for your excellent answer.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
A safer way would be to set up VPN on demand and use VPN to establish a connection to the local network and then initiate the RDP from there.