RE: Terminal services

• From: Edward Sullivan <esullivan@xxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 6 Nov 2001 11:23:39 -0600

Please reference the link below for the NSA's guide on securing Windows
2000. Highly recommended.

http://nsa2.www.conxion.com/win2k/download.htm

-----Original Message-----
From: Thor@xxxxxxxxxxxxxxx [mailto:Thor@xxxxxxxxxxxxxxx]
Sent: Tuesday, November 06, 2001 11:14 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Terminal services


http://www.ISAserver.org



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yep- just set up a filter that allows 3389 in, but only from a particular 
remote address or addresses.

Also, to be on the safe side, ensure the admin account is renamed (for 
brute force attacks) and put a Legal Notice/Logon Banner on the box.

hth

AD


At 11:11 AM 11/6/2001 -0600, you wrote:
>http://www.ISAserver.org
>
>
>You may be able, I am not entirely sure, limit the connections to the
>port the Terminal Services uses to a specific IP range. I am no guru at
>ISA, but this may be possible.
>
>Mike
>
>-----Original Message-----
>From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxx]
>Sent: Tuesday, November 06, 2001 11:09 AM
>To: [ISAserver.org Discussion List]
>Subject: [isalist] RE: Terminal services
>
>
>http://www.ISAserver.org
>
>
>Thanks
>Steve
>
>-----Original Message-----
>From: Mike Carlson [mailto:domitianx@xxxxxxxxxxxxx]
>Sent: 06 November 2001 17:06
>To: [ISAserver.org Discussion List]
>Subject: [isalist] RE: Terminal services
>
>
>http://www.ISAserver.org
>
>
>Yes it is operating as designed. Think of it as basically someone
>walking up to the actual box. You cannot limit the display of the login
>screen by the person standing in front of the computer. The machine does
>not know who it is until they enter their information.
>
>Mike
>
>-----Original Message-----
>From: Steve Moffat [mailto:steve@xxxxxxxxxxxxxxx]
>Sent: Tuesday, November 06, 2001 10:57 AM
>To: [ISAserver.org Discussion List]
>Subject: [isalist] Terminal services
>
>
>http://www.ISAserver.org
>
>
>Hi all
>
>I have just enabled terminal services for admin access. I works fine
>apart from the small issue of letting anyone and their dog connect.
>Obviously the cant login unless they know the password but is this the
>way it is supposed to work. I have created a rule to only let me and
>administrators to connect to know avail.
>
>Help
>Steve
>Steve Moffat
>Senior Engineer
>Optimum Computer Solutions
>
>Tel : +44(0)141 570 1283
>Fax :+44(0)141 584 9479
>Mobile : 07711 074 605
>
>http://optimum.mine.nu
>steve@xxxxxxxxxxxxxxx
>
>Disclaimer:
>Optimum Computer Solutions is not responsible for any recommendation,
>solicitation, offer or agreement or any information about any
>transaction, customer account or account activity contained in this
>communication.
>
>------------------------------------------------------
>You are currently subscribed to this ISAserver.org Discussion List as:
>domitianx@xxxxxxxxxxxxx To unsubscribe send a blank email to
>$subst('Email.Unsub')
>
>------------------------------------------------------
>You are currently subscribed to this ISAserver.org Discussion List as:
>steve@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
>$subst('Email.Unsub')Disclaimer:
>Optimum Computer Solutions is not responsible for any recommendation,
>solicitation, offer or agreement or any information about any
>transaction, customer account or account activity contained in this
>communication.
>
>------------------------------------------------------
>You are currently subscribed to this ISAserver.org Discussion List as:
>domitianx@xxxxxxxxxxxxx To unsubscribe send a blank email to
>$subst('Email.Unsub')
>
>------------------------------------------------------
>You are currently subscribed to this ISAserver.org Discussion List as: 
>thor@xxxxxxxxxxxxxxx
>To unsubscribe send a blank email to $subst('Email.Unsub')

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBO+gabohsmyD15h5gEQKcPgCgsaPyCW9HVMi4G8/Z54KEjPxPcewAoOgy
xaO9pdSKen6MlbUrYbVbtlbK
=2MYw
-----END PGP SIGNATURE-----

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
esullivan@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services
• » RE: Terminal services

1. Home
2. isalist
3. Archive
4. 11-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---