Yes, if the RDP client allowed you to specify a source port, but it doesn't.
That's the buzz kill. So, if you want to use my patented "source port
firewall rules" for MS RDP clients, you'll have to bounce it off a secondary
connection (like fport.)
t
http://www.ISAserver.org
Dude,
What do you mean by a secondary connection? Wouldn't just be a primary connection with a specified source port to the alternate secondary port?
Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls
-----Original Message----- From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] Sent: Thursday, November 10, 2005 10:30 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Securing TS
http://www.ISAserver.org
Publish on an alternate port, and change the name of the admin account on the box to prevent brute force attacks via RDP.
If you have a savvy user, or if you can batch it up, publish
rules not only
based on the destination port, but the source port as well-- that way you
can bounce off of a secondary connection specifying source
port and still
not have to worry about "raw" publishing (without a secondary
authentication
method.)
t
----- Original Message ----- From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, November 10, 2005 8:21 PM
Subject: [isalist] Securing TS
http://www.ISAserver.org
Any good tips on security TS on ISA 2004 Server?? Someone wants to setup TS to access their accounting package from home, since VPN will knock down their bandwidth (5Meg Down/800K UP) we decided that TS would be their best bet.
Andrew
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx