OK, I think. Its beyond my pay grade tonight. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > Sent: Thursday, November 10, 2005 10:51 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: Securing TS > > http://www.ISAserver.org > > Yes, if the RDP client allowed you to specify a source port, > but it doesn't. > That's the buzz kill. So, if you want to use my patented > "source port > firewall rules" for MS RDP clients, you'll have to bounce it > off a secondary > connection (like fport.) > > t > > ----- Original Message ----- > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Thursday, November 10, 2005 8:35 PM > Subject: [isalist] Re: Securing TS > > > http://www.ISAserver.org > > Dude, > > What do you mean by a secondary connection? Wouldn't just be a primary > connection with a specified source port to the alternate > secondary port? > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > > Sent: Thursday, November 10, 2005 10:30 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: Securing TS > > > > http://www.ISAserver.org > > > > Publish on an alternate port, and change the name of the > > admin account on > > the box to prevent brute force attacks via RDP. > > > > If you have a savvy user, or if you can batch it up, publish > > rules not only > > based on the destination port, but the source port as well-- > > that way you > > can bounce off of a secondary connection specifying source > > port and still > > not have to worry about "raw" publishing (without a secondary > > authentication > > method.) > > > > t > > > > ----- Original Message ----- > > From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Thursday, November 10, 2005 8:21 PM > > Subject: [isalist] Securing TS > > > > > > http://www.ISAserver.org > > > > > > Any good tips on security TS on ISA 2004 Server?? Someone > > wants to setup > > TS to access their accounting package from home, since VPN > will knock > > down their bandwidth (5Meg Down/800K UP) we decided that TS would be > > their best bet. > > > > Andrew > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: > > thor@xxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: > thor@xxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >