Re: Securing TS

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 10 Nov 2005 23:01:56 -0600

Sheesh. I just measured it and out 8oz of the 24 ended up on the
bathroom floor. What's worse is that I had to lick it up before it dried
out. No car, so can't drive for something real.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
> Sent: Thursday, November 10, 2005 10:54 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Securing TS
> 
> http://www.ISAserver.org
> 
> OK, I think. Its beyond my pay grade tonight.
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
>  
> 
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] 
> > Sent: Thursday, November 10, 2005 10:51 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Securing TS
> > 
> > http://www.ISAserver.org
> > 
> > Yes, if the RDP client allowed you to specify a source port, 
> > but it doesn't. 
> > That's the buzz kill.  So, if you want to use my patented 
> > "source port 
> > firewall rules" for MS RDP clients, you'll have to bounce it 
> > off a secondary 
> > connection (like fport.)
> > 
> > t
> > 
> > ----- Original Message ----- 
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Thursday, November 10, 2005 8:35 PM
> > Subject: [isalist] Re: Securing TS
> > 
> > 
> > http://www.ISAserver.org
> > 
> > Dude,
> > 
> > What do you mean by a secondary connection? Wouldn't just 
> be a primary
> > connection with a specified source port to the alternate 
> > secondary port?
> > 
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > 
> > 
> > 
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Thursday, November 10, 2005 10:30 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] Re: Securing TS
> > >
> > > http://www.ISAserver.org
> > >
> > > Publish on an alternate port, and change the name of the
> > > admin account on
> > > the box to prevent brute force attacks via RDP.
> > >
> > > If you have a savvy user, or if you can batch it up, publish
> > > rules not only
> > > based on the destination port, but the source port as well-- 
> > > that way you
> > > can bounce off of a secondary connection specifying source
> > > port and still
> > > not have to worry about "raw" publishing (without a secondary
> > > authentication
> > > method.)
> > >
> > > t
> > >
> > > ----- Original Message ----- 
> > > From: "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Thursday, November 10, 2005 8:21 PM
> > > Subject: [isalist] Securing TS
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > >
> > > Any good tips on security TS on ISA 2004 Server?? Someone
> > > wants to setup
> > > TS to access their accounting package from home, since VPN 
> > will knock
> > > down their bandwidth (5Meg Down/800K UP) we decided that 
> TS would be
> > > their best bet.
> > >
> > > Andrew
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: 
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as:
> > > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: 
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion
> > > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: 
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion 
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> > 
> > 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
>

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 11-2005