RES: RE: Internal access to remote external TS?

  • From: "Tiago de Aviz" <Tiago@xxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 30 Nov 2004 09:41:01 -0200

Hey Krisna,

Jim meant to set the encryption to the highest setting available on Terminal 
Services Configuration, on Administrative tools. Get the RDP-TCP properties and 
you can set the encryption level there.

Well, you can change the port, but if someone really wants to hack you, let's 
say you'll make the hacker work another 10 seconds or less ;) so it's worthless.

Tiago

-----Mensagem original-----
De: Krisna Keo [mailto:krisnak@xxxxxxxxxxxxxxx] 
Enviada em: terça-feira, 30 de novembro de 2004 06:24
Para: [ISAserver.org Discussion List]
Assunto: [isalist] RE: Internal access to remote external TS?

http://www.ISAserver.org

http://www.ISAserver.org

Thank you very much Andrew for alerting the hot point to me. 
Changing the RDP port is one of highest risk stuff, and it does not
recommend changing as well from Microsoft unless necessary.
http://support.microsoft.com/kb/187623/EN-US/ 

Could let me know the RDP port can be usefully changed by most people?

I followed the link to configure my server
http://support.microsoft.com/default.aspx?scid=kb;en-us;294720 

Jim, could you please detail on "set the encryption to
"ungodly high" and leave it there." Due to I'm not a native English speaker.
(Sorry)

Regards,
Krisna

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Tuesday, November 30, 2004 1:33 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Internal access to remote external TS?

http://www.ISAserver.org

"Security by obscurity".

This isn't worth your time as any script kiddie worth his (her) salt can
easily find listening ports with some readily-available tools.
Once they have those; they can hit them with some standard
"banner-chasing" toys that'll ferret out your RDP service in no time.
Rather than wasting your time in useless pursuits, set the encryption to
"ungodly high" and leave it there.

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!
 
 

-----Original Message-----
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] 
Sent: Monday, November 29, 2004 8:37 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Internal access to remote external TS?

http://www.ISAserver.org


I would suggest that you do not use port 3389 as your external port.
3389 is the first thing hackers look for when port hunting because TS is
easy to hack. When you select RDP (Term Services) Server click on ports
and then enable the firewall port publish and give it a value of 33000
or higher. This way when you RDP in from the internet into your box(es)
you just need to put a :33000 or whatever the port number is and your
in. :-)

 

Andrew

 

 

________________________________

From: Krisna Keo [mailto:krisnak@xxxxxxxxxxxxxxx] 
Sent: Monday, November 29, 2004 8:54 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Internal access to remote external TS?

 

http://www.ISAserver.org



Hi Rajia,

Protocol rule:

Allow Terminal Services - OUT

        Description : 

        Enabled : True

        Action taken with requests : Allow

        Rule applies to : Selected Protocols

        Protocols : RDP (Terminal Services)

        Rule Applies to : Any Request

 

Protocol Definition:

RDP (Terminal Services)

        Description : Remote Desktop Protocol (Terminal Services)

        Initial Connection Port Number : 3389

        Initial Protocol Type : TCP

        Initial Direction : Outbound

Hope this will helps

Krisna

-----Original Message-----
From: Raji Arulambalam [mailto:RajiA@xxxxxxxxxxxxxx]
Sent: Tuesday, November 30, 2004 8:47 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Internal access to remote external TS?

http://www.ISAserver.org

Hi

Using ISA Server 2000, whats required to allow an internal client to
access a remote Terminal Services server.

The client has a FW client.

Thanks

RajiA

Email disclaimer: This email and any attachments are confidential. If
you are not the intended recipient, do not copy, disclose or use the
contents in any way. If you receive this message in error, please let us
know by return email and then destroy the message. Environment Bay of
Plenty is not responsible for any changes made to this message and/or
any attachments after sending.

******************************************************

This e-mail has been checked for viruses and no viruses were detected.

------------------------------------------------------

List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist

ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp

ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ

------------------------------------------------------

Other Internet Software Marketing Sites:

World of Windows Networking: http://www.windowsnetworking.com

Leading Network Software Directory: http://www.serverfiles.com

No.1 Exchange Server Resource Site: http://www.msexchange.org

Windows Security Resource Site: http://www.windowsecurity.com/

Network Security Library: http://www.secinf.net/

Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com

------------------------------------------------------

You are currently subscribed to this ISAserver.org Discussion List as:
krisnak@xxxxxxxxxxxxxxx

To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist

Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
krisnak@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
tiago@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  • » RES: RE: Internal access to remote external TS?
  1. Home
  2. isalist
  3. Archive
  4. 11-2004