terminal server and web

I

ian

from a security viewpoint is it ok to run terminal
services for remote management by IT people, on the same
server that is running IIS.
and if the answer is no what should be used. ??

Thanks
 
L

Lanwench [MVP - Exchange]

I'd add, for outside users, use SSL and /or VPN.
I think it can be used if you would also trust these same people
to log onto that machine at the keyboard. Terminal Services remote
administration can open a backdoor to a computer of course. You can
minimize risk by using very complex passwords, enabling auditing of
account logon, making sure high encryption is enabled, enabling an
account lockout policy that will defeat bute force attacks [20
attempts, 10 minute reset or so] and if going through a firewall use
specific ip addresses as outside source instead of anyone and maybe
even create firewall rule that is time limited if appropriate. ---
Steve

ian said:
from a security viewpoint is it ok to run terminal
services for remote management by IT people, on the same
server that is running IIS.
and if the answer is no what should be used. ??

Thanks
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows Server 2000 and Terminal Server security issue 2
Terminal Services Security 1
Win2k Terminal Service connection issues 1
Terminal server virus threat 1
Disable "Allow logon to terminal server" 5
To move or not to move to a Terminal Server 20
Security for DNS/IIS 7
HELP !!! User cannot log into the Terminal Server 2

Top