RDC using TZO considerations....need advice

[Steve Stewart]

Hi all,

No problems over here...but I do need some sounds advice. I have
Windows Remote Desktop Connection working and I'm using the TZO
software. I do have some general questions.

I have the TZO ports open, as well as the RDC port open on my Dlink
router/firewall. Is this a major security hazard, and aside from
encryption, would using a VPN for RDC make things more secure?

I'm thinking that TZO software might not even need its native ports
open, considering the nature of the firewall is to allow user
initiatied communications to occur.

Do the two computers that are communicating need to be in the same
workgroup?


Thanks,

Steve

 

[Bill Sanderson]

You don't need the TZO ports open in a router. If you had a true firewall
which restricted outbound traffic, you'd need to open ports outbound for the
TZO client.

Keep up to date on critical security patches, turn on auditing for both
successful and failed logons, rename the administrator account, use strong
passwords on all administrator accounts and accounts with RD permissions.

RD sessions, including the login credentials exchange, are encrypted.
Adding the additional encryption of a VPN does make things slightly more
secure.

The computers communicating via RD don't need to be in the same workgroup or
domain.

 

[Steve Stewart]

Hi Bill,


Thanks for the great advice.

Steve

You don't need the TZO ports open in a router. If you had a true firewall
which restricted outbound traffic, you'd need to open ports outbound for the
TZO client.

Keep up to date on critical security patches, turn on auditing for both
successful and failed logons, rename the administrator account, use strong
passwords on all administrator accounts and accounts with RD permissions.

RD sessions, including the login credentials exchange, are encrypted.
Adding the additional encryption of a VPN does make things slightly more
secure.

The computers communicating via RD don't need to be in the same workgroup or
domain.