[geeks] Terminal Services security

Thomas Gallaway rescue at port11.net
Tue Feb 10 14:17:01 CST 2004


Having a 2k server on the net is a really stupid idea. At a old job I 
had a few
2k servers to maintaine and put them of course behind freebsd firewalls. But
some clients wanted to TS into their server so I did open the port for them.
Nothing ever happend but I heard storys. The DOI.gov got their fiber capped
cause they could not comply with securing their NT servers and the demo
appreantly was a highjacked TS session.
http://dc.internet.com/news/article.php/2229391

-- Thomas

Kevin wrote:

>Is it considered "safe" by most, to have MS Terminal
>Services unfiltered and directly internet facing?
>
>Personally, i don't think that having any MS OS directly
>facing the net is a wise decision, but our payroll processor
>seems to think that Win2k Terminal Services is some type of
>impenetrable fortress.  I'm just looking for other's
>opinions/experiences.
>
>/KRM



More information about the geeks mailing list