ts for remote admin, secure?
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: ts for remote admin, secure?

  1. #1
    Senior Member
    Join Date
    Jul 2002
    Posts
    106

    ts for remote admin, secure?

    i was wondering what other people think about using ts in win2k for remote administration. how secure do you think it is? i know you can set the encryption level to 128bit, but is that all that can be done, should/could any other steps be taken to make it more secure?

    thoughts anyone?
    just making some minor adjustments to your system....

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    343
    ts ???? Can you be more specific ???
    Franklin Werren at www.bagpipes.net
    Yes I do play the Bagpipes!

    And learning to Play the Bugle

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    106
    yes, sorry. terminal services (aka - ts)
    just making some minor adjustments to your system....

  4. #4
    Senior Member
    Join Date
    Jul 2002
    Posts
    112
    Terminal Services... As far as secure. What do you mean secure you mean opening TCP port 3389 through your firewall so you can connect to the server to remotely administrate it.. Well, think about it, you are opening a port on your firewall that allows traffic. It is as secure as that server at that point, because anyone who is able to port scan and detect the open port will be able to go to a logon prompt. Now if you have an external router where you have control over access list you can allow only port 3389 from a specific external IP address for added security..... How secure do you need to be it the question...
    My other Computer is a 4000 node Beowulf Custer

  5. #5
    Senior Member
    Join Date
    Jul 2002
    Posts
    106
    well, i was vague with my question and i apologize. let me try to redeem myself here.

    i am well aware of opening the port on the firewall, and exposing that port to the meanies. i am more interested in the security of the actual connection, meaning is my session safe? can someone intercept my remote session and say for example capture usernames/passwords that i may be setting up, that's really what i am curious about?
    just making some minor adjustments to your system....

  6. #6
    Senior Member
    Join Date
    Jul 2002
    Posts
    112
    Ahhh... much different question... IF you are running encryption the the sessions is encrypted and is secured. This is from Q232514

    Terminal Services supports three levels of encryption: low, medium, and high.

    Low Encryption

    This level secures the user logon information and data sent to the server, but not the data sent from the server to the client. This encryption level is recommended for use when the network is secure.


    Medium Encryption (Default Level)

    This level encrypts the data transmission in both directions. This encryption level is recommended for use when the network is not secure, and outside North America.

    NOTE : If you connect to a Windows 2000 server running Terminal Services set for Low or Medium encryption levels and use version 4.0 of the Terminal Server client, your data is encrypted using a 40-bit key. If you are using version 5 of the Terminal Server client, your data is encrypted with a 56 bit-key.


    High Encryption

    This level encrypts the data transmission in both directions using a 128-bit key. This encryption level is recommended for use when the network is not secure, and within North America.
    My other Computer is a 4000 node Beowulf Custer

  7. #7
    Senior Member
    Join Date
    Jul 2002
    Posts
    106
    m$ says that:

    All levels use the standard RSA RC4 enyryption.
    but we all know how bill & Co. like to *bend* the standards somewhat. i was wondering if anyone had heard m$ changing anything in the implementation in win2k. if so, then maybe my session data was at risk.

    so far, terminal services in remote admin mode has been great. saved my company some money, since we didn't have to buy pcanywhere. (and i find winVNC kinda clunky, just my 2 cents though)
    just making some minor adjustments to your system....

  8. #8
    Senior Member
    Join Date
    Jul 2002
    Posts
    112
    hate vnc and pcanywhere both we are using TS and RAdmin where needed
    My other Computer is a 4000 node Beowulf Custer

  9. #9
    Senior Member
    Join Date
    Jul 2002
    Posts
    106
    haven't tried RAdmin. how is it compared to windows TS?
    just making some minor adjustments to your system....

  10. #10
    Senior Member
    Join Date
    Jul 2002
    Posts
    112
    RAdmin is made by Famatech http://www.radmin.com/ and I think there is a demo available. It has gotten great reviews is it small and fast remote control the runs as an NT service and can use NT security for authenication.. I like it but peoples tastes are different. I use it for remote control of NT 4 server still on my Net and for client controll... I use TS an all W2K servers. I am actually use the Remote Desktop Client (can be found on the XP Pro CD) on my W2K Pro Workstation to logon to the W2K for Remote Administration. There is also a TS Snap in for MMC with is really nice bacause you can have multiple server logged in and bounce back and forth within the MMC...
    My other Computer is a 4000 node Beowulf Custer

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •