On Tue, Feb 28, 2012 at 9:32 PM, Richard Stovall <[email protected]> wrote: > Remember that RDP, without significant, purposeful curtailing, can redirect > all kinds of things including drives, printers and the clipboard.
True enough. But even with that, it's still forcing attacks in to a smaller channel (vs "the entire computer and everything on it, including anything reachable from accounts running on the local PC at the time"). And if one disables redirection of drives and printers on the host, you're in much better shape. Although I've never tried doing that for a "client OS" hosting an RDP session. > When I first rolled out remote desktop gateway, and gave some of our users > access to their work PCs without our old Cisco VPN, I was astounded by the > number of questions similar to "Why can't I print at home?", "Why can't I > copy and paste from work to home?", etc. To a lot of users, the computer is a magic box. There's also the problem where user connects to office PC, tries printing. It doesn't work, so they keep trying and trying, before finally giving up. Meanwhile, the printer back at the office is spewing multiple copies... -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
