[geeks] Terminal Services security

Kevin kevin at mpcf.com
Tue Feb 10 15:53:31 CST 2004


No one is asking me (or our company) to do anything.  

The company that we use for payroll processing has a Win2K TS box
inet facing.  That's is unsettling to me and i wanted other's
opinions.  The TS box is behind an MS ISAS box, but that is
tantamount to nothing as the port is wide open and it is not
enforcing any additional security methods other than a name and
password.  

As you stated, i am now concerned about our data safety once it
gets to them.

/KRM

On Tue, 10 Feb 2004 15:22:12 -0600
"Jonathan C. Patschke" <jp at celestrion.net> wrote:

> On Tue, 10 Feb 2004, Kevin wrote:
> 
> > By "payroll processor" i meant an out-sourced company that we
> > use for payroll, not an individual within my company.
> 
> If a FINANCE company is asking you to expose a machine with
> financial data to the Internet, furthermore a WINDOWS BOX with
> REMOTE ADMINISTRATOR ACCESS, your company needs to lose them. 
> If they're asking you to do that, I don't know how you could
> trust them to keep your data safe when it's in their hands.
> 
> -- 
> Jonathan Patschke  ) "Being on the Internet is not the same as
> being Elgin, TX         (   famous.  That's like calling
> Cheetos 'dinner'." USA                )                        
>            --Metal Steve
> _______________________________________________
> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks


-- 
keyserver: http://pgp.mit.edu/



More information about the geeks mailing list