Re: Securing TS
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 11 Nov 2005 14:35:39 -0600
:-)
OK, you get a pass this time.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
> -----Original Message-----
> From: Mark Morgan [mailto:MMorgan@xxxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, November 11, 2005 2:20 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Securing TS
>
> http://www.ISAserver.org
>
>
> Yes I know that, it early and it's Friday, plus when you
> setup rdp over ssh tunneling you use 3389 as the source in
> putty because it's the other end of the connection! So :P
>
>
>
> IMPORTANT Notice: The information contained in this e-mail,
> including any attachments or other embedded messages, is
> legally privileged and confidential and is intended only for
> the use of the individual or entity to whom it is addressed.
> If the reader of this message is not the intended recipient
> or an agent responsible for delivering it to the intended
> recipient, you are hereby notified that any viewing,
> dissemination, distribution, retransmitting, or copying of
> this e-mail message is strictly prohibited. If you have
> received and/or are viewing this e-mail in error, please
> notify the sender immediately by reply e-mail, and delete
> this and all copies of this communication from your systems.
> Thank you.
>
>
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Friday, November 11, 2005 11:43 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Securing TS
>
> http://www.ISAserver.org
>
> That's the *destination* port Mark, not the *source* port.
> Big difference
> ;)
>
> ----- Original Message -----
> From: "Mark Morgan" <MMorgan@xxxxxxxxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Friday, November 11, 2005 11:09 AM
> Subject: [isalist] Re: Securing TS
>
>
> http://www.ISAserver.org
>
> yes the client does allow you to use a different port all
> you need to do is
> type the ip:port# ie.. 192.168.1.1:55555
>
>
> Thank You
> Mark J Morgan
> IS Coordinator
>
> Palm Drive Hospital
> 501 Petaluma Ave. Sebastopol, Ca. 95472
> Email: mmorgan@xxxxxxxxxxxxxxxxxxxxx
> Voice: (707) 829-4242
> Fax: (707) 829-4112
> Mobile (707) 849-5576
>
> IMPORTANT Notice: The information contained in this e-mail,
> including any
> attachments or other embedded messages, is legally privileged and
> confidential and is intended only for the use of the
> individual or entity to
> whom it is addressed. If the reader of this message is not
> the intended
> recipient or an agent responsible for delivering it to the intended
> recipient, you are hereby notified that any viewing, dissemination,
> distribution, retransmitting, or copying of this e-mail
> message is strictly
> prohibited. If you have received and/or are viewing this
> e-mail in error,
> please notify the sender immediately by reply e-mail, and
> delete this and
> all copies of this communication from your systems. Thank you.
>
>
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Thursday, November 10, 2005 8:51 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Securing TS
>
> http://www.ISAserver.org
>
> Yes, if the RDP client allowed you to specify a source port,
> but it doesn't.
> That's the buzz kill. So, if you want to use my patented
> "source port
> firewall rules" for MS RDP clients, you'll have to bounce it
> off a secondary
> connection (like fport.)
>
> t
>
> ----- Original Message -----
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, November 10, 2005 8:35 PM
> Subject: [isalist] Re: Securing TS
>
>
> http://www.ISAserver.org
>
> Dude,
>
> What do you mean by a secondary connection? Wouldn't just be a primary
> connection with a specified source port to the alternate
> secondary port?
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Thursday, November 10, 2005 10:30 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Securing TS
> >
> > http://www.ISAserver.org
> >
> > Publish on an alternate port, and change the name of the
> > admin account on
> > the box to prevent brute force attacks via RDP.
> >
> > If you have a savvy user, or if you can batch it up, publish
> > rules not only
> > based on the destination port, but the source port as well--
> > that way you
> > can bounce off of a secondary connection specifying source
> > port and still
> > not have to worry about "raw" publishing (without a secondary
> > authentication
> > method.)
> >
> > t
> >
> > ----- Original Message -----
> > From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Thursday, November 10, 2005 8:21 PM
> > Subject: [isalist] Securing TS
> >
> >
> > http://www.ISAserver.org
> >
> >
> > Any good tips on security TS on ISA 2004 Server?? Someone
> > wants to setup
> > TS to access their accounting package from home, since VPN
> will knock
> > down their bandwidth (5Meg Down/800K UP) we decided that TS would be
> > their best bet.
> >
> > Andrew
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as:
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as:
> mmorgan@xxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.362 / Virus Database: 267.12.8/166 - Release
> Date: 11/10/2005
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.362 / Virus Database: 267.13.0/167 - Release
> Date: 11/11/2005
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: mmorgan@xxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.362 / Virus Database: 267.13.0/167 - Release
> Date: 11/11/2005
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.362 / Virus Database: 267.13.0/167 - Release
> Date: 11/11/2005
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
Other related posts:
