[THIN] Re: Any thoughts about this?

Hi Nick,

Without a secured front end and SSL encryption it's too much like leaving
your front door open when you leave the house. It doesn't matter if you've
got a good burglar alarm system, it's still not a good idea.

If people can get direct access to a login prompt on one of your TS systems
you're potentially vulnerable regardless of whether it's RDP, ICA, VNC or
whatever.

regards,

Rick

-- 
Ulrich Mack
Quest Software
Provision Networks Division




On 3/27/08, Nick Smith <nick@xxxxxxxxxxxxxxxxxx> wrote:
>
> Interestingly, we've had discussions before about any possible security
> implications of doing this and the answer has been 'None known'; on that
> basis I've been advising people that they need to tie down their TSes
> internally like crazy but that the external bit was secure. Looks like I'm
> going to have to revise my advise (Only 5 years late(;).
>
> Nick
>
>
> > You'd have to be slightly nuts to open 3389 directly thru a firewall.
>
>

Other related posts: