terminal server and web

  • Thread starter Thread starter ian
  • Start date Start date
I

ian

from a security viewpoint is it ok to run terminal
services for remote management by IT people, on the same
server that is running IIS.
and if the answer is no what should be used. ??

Thanks
 
I'd add, for outside users, use SSL and /or VPN.
I think it can be used if you would also trust these same people
to log onto that machine at the keyboard. Terminal Services remote
administration can open a backdoor to a computer of course. You can
minimize risk by using very complex passwords, enabling auditing of
account logon, making sure high encryption is enabled, enabling an
account lockout policy that will defeat bute force attacks [20
attempts, 10 minute reset or so] and if going through a firewall use
specific ip addresses as outside source instead of anyone and maybe
even create firewall rule that is time limited if appropriate. ---
Steve

ian said:
from a security viewpoint is it ok to run terminal
services for remote management by IT people, on the same
server that is running IIS.
and if the answer is no what should be used. ??

Thanks
 
Back
Top