rdp client over internet

[Guest]

Hi
Which rdp client connection method is best over the internet? Simply opening
port 3389 on the firewall at the terminal server end and establishing a
session via the rdp client or opening ports 47 and 1723 and then creating a
vpn connection to the remote site and connecting to the terminal server by
it's private ip. What is the difference as far as security is concerned?

 

[Guest]

vpn is more secure than rdp

 

[Guest]

IPSec VPN is more secure, however PPTP VPN is no more secure than connecting
via RDP. I'd argue that in unmanaged VPN setups, a VPN connection is more
dangerous than a RDP connection, because you're allowing anything running on
hte remote computer to interect directly with your private network.

If you don't control both endpoints of the VPN, I'd stick with RDP. Most
people that want higher security with Terminal Server go with a secondary
authentication mechanism, i.e. SecureID

http://www.securecomputing.com/index.cfm?skey=21

Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com

 

[Vin McLellan]

Patrick Rouse suggested:

If you don't control both endpoints of the VPN,
I'd stick with RDP. Most people that want
higher security with Terminal Server go with a
secondary authentication mechanism, i.e.
SecureID

Patrick helpfully offered the URL for Secure Computing. Well and good,
but let me add a couple more. I'm a consultant to RSA, which invented
and exclusively sells the time-synched SecurID, a popular competitor to
SC's Safeword token. RSA's URL is <http://www.rsasecurity.com>.

The RSA-Secured Partners Directory, which now lists 110 commercial VPN
and Firewall products which ship SecurID-Ready, is at:
<http://tinyurl.com/2cfbg> .

Suerte,
_Vin