Hey Krisna, Jim meant to set the encryption to the highest setting available on Terminal Services Configuration, on Administrative tools. Get the RDP-TCP properties and you can set the encryption level there. Well, you can change the port, but if someone really wants to hack you, let's say you'll make the hacker work another 10 seconds or less ;) so it's worthless. Tiago -----Mensagem original----- De: Krisna Keo [mailto:krisnak@xxxxxxxxxxxxxxx] Enviada em: terça-feira, 30 de novembro de 2004 06:24 Para: [ISAserver.org Discussion List] Assunto: [isalist] RE: Internal access to remote external TS? http://www.ISAserver.org http://www.ISAserver.org Thank you very much Andrew for alerting the hot point to me. Changing the RDP port is one of highest risk stuff, and it does not recommend changing as well from Microsoft unless necessary. http://support.microsoft.com/kb/187623/EN-US/ Could let me know the RDP port can be usefully changed by most people? I followed the link to configure my server http://support.microsoft.com/default.aspx?scid=kb;en-us;294720 Jim, could you please detail on "set the encryption to "ungodly high" and leave it there." Due to I'm not a native English speaker. (Sorry) Regards, Krisna -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Tuesday, November 30, 2004 1:33 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Internal access to remote external TS? http://www.ISAserver.org "Security by obscurity". This isn't worth your time as any script kiddie worth his (her) salt can easily find listening ports with some readily-available tools. Once they have those; they can hit them with some standard "banner-chasing" toys that'll ferret out your RDP service in no time. Rather than wasting your time in useless pursuits, set the encryption to "ungodly high" and leave it there. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! -----Original Message----- From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] Sent: Monday, November 29, 2004 8:37 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Internal access to remote external TS? http://www.ISAserver.org I would suggest that you do not use port 3389 as your external port. 3389 is the first thing hackers look for when port hunting because TS is easy to hack. When you select RDP (Term Services) Server click on ports and then enable the firewall port publish and give it a value of 33000 or higher. This way when you RDP in from the internet into your box(es) you just need to put a :33000 or whatever the port number is and your in. :-) Andrew ________________________________ From: Krisna Keo [mailto:krisnak@xxxxxxxxxxxxxxx] Sent: Monday, November 29, 2004 8:54 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Internal access to remote external TS? http://www.ISAserver.org Hi Rajia, Protocol rule: Allow Terminal Services - OUT Description : Enabled : True Action taken with requests : Allow Rule applies to : Selected Protocols Protocols : RDP (Terminal Services) Rule Applies to : Any Request Protocol Definition: RDP (Terminal Services) Description : Remote Desktop Protocol (Terminal Services) Initial Connection Port Number : 3389 Initial Protocol Type : TCP Initial Direction : Outbound Hope this will helps Krisna -----Original Message----- From: Raji Arulambalam [mailto:RajiA@xxxxxxxxxxxxxx] Sent: Tuesday, November 30, 2004 8:47 AM To: [ISAserver.org Discussion List] Subject: [isalist] Internal access to remote external TS? http://www.ISAserver.org Hi Using ISA Server 2000, whats required to allow an internal client to access a remote Terminal Services server. The client has a FW client. Thanks RajiA Email disclaimer: This email and any attachments are confidential. If you are not the intended recipient, do not copy, disclose or use the contents in any way. If you receive this message in error, please let us know by return email and then destroy the message. Environment Bay of Plenty is not responsible for any changes made to this message and/or any attachments after sending. ****************************************************** This e-mail has been checked for viruses and no viruses were detected. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: krisnak@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: andrew@xxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: krisnak@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tiago@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx