That is not really the case. The only port is 3389. It is behind a firewall, just has 3389 NAT'd.
Bob Fronk > -----Original Message----- > From: Charlie Kaiser [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 01, 2008 4:39 PM > To: NT System Admin Issues > Subject: RE: Public TS - opinions? > > As long as that TS is not connected to the rest of your network and > contains no sensitive material, it's fine. LOL... > > Otherwise, may as well give all your servers publicly accessible IP > addresses... > > Even a free MS VPN, where the client will run on any MS desktop, will > provide significantly better security. What money and equipment > constraints don't allow a VPN connection? > > ********************** > Charlie Kaiser > W2K3 MCSA/MCSE/Security > Systems Engineer > Essex Credit / Brickwalk > 925 274 3183 > ********************** > > > -----Original Message----- > From: Bob Fronk [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 01, 2008 1:35 PM > To: NT System Admin Issues > Subject: Public TS - opinions? > > I have a client that wants to keep a terminal server available publicly > to be accessed from multiple sites where a VPN is not possible due to > money and equipment constraints. The outside users just use the Remote > Desktop and connect directly to the public IP. > > > > I feel this is a security risk. > > > > What is the groups opinion and what do you think is a good work around > or ways to at least reduce the security problems? > > > > Bob Fronk > > > > This email and any attached files are confidential and intended solely > for the intended recipient(s). If you are not the named recipient you > should not read, distribute, copy or alter this email. Any views or > opinions expressed in this email are those of the author and do not > represent those of the Davis H. Elliot Company . Warning: Although > precautions have been taken to make sure no viruses are present in this > email, the company cannot accept responsibility for any loss or damage > that arise from the use of this email or attachments. > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Davis H. Elliot Company company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
