On Wed, Mar 21, 2012 at 7:07 AM, Benjamin E. Nichols
<mrnicho...@gmail.com>wrote:
> **
> I fail to see how NLA could possibly improve the security of RDP.
>
>From http://technet.microsoft.com/en-us/library/cc732713.aspx:
"Network Level Authentication is an authentication method that can be used
to enhance RD Session Host server security by requiring that the user be
authenticated to the RD "Session Host server before a session is created.
Network Level Authentication completes user authentication before you
establish a remote desktop connection and the logon screen appears. This is
a more secure authentication method that can help protect the remote
computer from malicious users and malicious software. The advantages of
Network Level Authentication are:
- "It requires fewer remote computer resources initially. The remote
computer uses a limited number of resources before authenticating the user,
rather than starting a full remote desktop connection as in previous
versions.
- "It can help provide better security by reducing the risk of
denial-of-service attacks."
To me that sounds like a marginal improvement in security, and perhaps no
improvement in performance when using the lts.conf option of
"XINITRC_PROMPT_ON_EXIT=True", but even a marginal improvement is worth
looking at if it's trivial to implement. The bigger concern for me is if
future versions of Windows require NLA.
db
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90 days Click Here
http://p.sf.net/sfu/sfd2d-msazure
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
