[THIN] Re: How can I keep people from seeing my server

  • From: Adam_Baum@xxxxxxxxxxxxx
  • To: thin@xxxxxxxxxxxxx
  • Date: Wed, 21 Aug 2002 15:20:31 -0700


Yes.  No one has succeeded in logging in since they don't have a valid
account.   I wouldn't say completely exposed.  Our router filters out all
traffic except port 1494.

It's very hard for us to do VPN because too many users have too many
machines (I have 5).  We also let our external business partners in (just a
teeny bit) via metaframe.  We don't have the $$$ for a good hardware VPN
solution.  Also, depending on which VPN solution you use, most of our users
don't have static IP addresses.

As for CSG, I am not familiar with it but if it's connected to the
Internet, people can hack it too.


"Chris Lynch" <lynch00@xxxxxxt>
Sent by: thin-bounce@freelists.org
08/21/2002 03:12 PM
Please respond to thin

To: <thin@xxxxxxxxxxxxx>
cc:
Subject: [THIN] Re: How can I keep people from seeing my server

You mean someone is trying to login to your MF server when it is
completely exposed to the Internet?  Why don't you have CSG
implemented, or only allow access for external users through a VPN
connection?  There are many hack techniques out there that someone
"could" bring your server down, or worse gain access and steal data.

Just my humble opinion.

CHRIS LYNCH -  MCSE, CCNA, CCA
NETWORK ENGINEER - INFORMATION TECHNOLOGY
NRT Incorporated, 27271 Las Ramblas, Mission Viejo, CA 92691
Chris.lynch@xxxxxxxxxx  Tel 949.367.3406


-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Adam_Baum@xxxxxxxxxxxxx
Sent: Wednesday, August 21, 2002 2:57 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] How can I keep people from seeing my server

Hi Folks,

On a W2K SP2, XPe FR2 system.  I've disabled all the "respond to
ICA broadcasts" and I've unchecked all the "Create browser
listener on ...".  I'm still getting invalid logons.  These don't
look targeted.  More like something is broadcasting/responding.  My
MF 1.8 server doesn't do this and I can't determine what is different
between them.  I should mention that these servers are used for
remote access so they are Internet connected.

Other than the farm checkbox of responding to RAS broadcasts (won't
let me disable it), everything appears to be set up correctly.  Given
that my servers are 1 ip address away from each other, I can't see
how one is getting hit (on purpose) and not the other.

I've also made sure the router is configured the same for both ports.

Any ideas?

adam






