forwarding port, what should I know about security?

Status
Not open for further replies.

abaseballfan

Technical User
Feb 20, 2004
53
US
Hi, was not sure where to post this, umm I have a Linksys router here at work and we have one computer set up as a server, it's just XP Professional that it's running and using the Remote Desktop feature so certain supervisors here can access the system while away, and I have it working fine with port 3389 forwarded to the machine we all use as the server, but I am just curious if there is anything I should do for security to help with this? We have just had this going for a few weeks now but want to hear from people that actually know about this stuff, none of us here are IT people really, and actually I got this far by posting on here and asking questions, lol, so I really appreciate any ideas on what I should and should not do with this, thank you for your time.
 
Weakest links - prioritized layers:

CLIENTS: Unhardened client machines could be subject to password stealing trojans and keyloggers. Place emphasis on local client machine security as much as possible.

STATIC IPs: Once a static IP has been broken, you could be forever in the sights of a persistent hacker. Dynamic IPs, as inconvenient as they are for you and your users, are very desirable by that very fact. I would investigate use of a Dynamic Update Client (DUC) such as for all your machines. Some DUC clients may also define time access restrictions.

PORTS: A default port (3389) can be generally indicative of the nature of a specific application with any known associated vulnerabilities. Change the default port if possible.

PASSWORDS: Avoid weak passwords that a password dictionary could easily crack. Try out password hacking tools against your user passwords.

SECURITY LOGS: I would want security logs and email alert capabilities for all activity against that port forwarded application. Suggest you test 'linklogger' for a 14 day time trial (
A lot of the same points with variations and alternatives are made here:


Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
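
The SECURITY LOGS point in the post above, as an added example that is not part of the original thread and is not LinkLogger's or Linksys's code: it scans inbound-connection records for the forwarded port and reports any source address that makes repeated attempts inside a short window, which is the condition you would want an email alert on. The log layout, the window, the threshold and the sample lines are assumptions constructed for the illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FORWARDED_PORT = 3389          # the port forwarded in the thread
WINDOW = timedelta(minutes=5)  # assumed alert window
THRESHOLD = 4                  # assumed attempts per window before alerting

# Constructed sample lines in an assumed "timestamp src_ip dst_port" layout,
# oldest first. Real router output differs and needs its own parser.
SAMPLE_LOG = """\
2004-03-01T02:14:05 198.51.100.23 3389
2004-03-01T02:14:09 198.51.100.23 3389
2004-03-01T02:14:13 198.51.100.23 3389
2004-03-01T02:14:20 198.51.100.23 3389
2004-03-01T03:00:00 192.0.2.50 80
2004-03-01T08:02:00 203.0.113.7 3389
2004-03-01T12:40:00 203.0.113.7 3389
2004-03-01T17:55:00 203.0.113.7 3389
2004-03-01T23:10:00 203.0.113.7 3389
garbled line
"""

def parse_line(line):
    """Return (timestamp, src_ip, dst_port), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], int(parts[2])
    except ValueError:
        return None

def find_bursts(log_text, port=FORWARDED_PORT, window=WINDOW, threshold=THRESHOLD):
    """Map each source IP to the time it first reached `threshold` attempts
    against `port` within `window`. Input is assumed to be time-ordered."""
    recent = defaultdict(deque)   # src_ip -> timestamps still inside the window
    alerts = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec[2] != port:
            continue              # skip malformed lines and other ports
        ts, src, _ = rec
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window: # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold and src not in alerts:
            alerts[src] = ts
    return alerts
```

On the sample data only 198.51.100.23 is reported: 203.0.113.7 also makes four attempts, but they are spread across the day, so the window never fills.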
 
See also - more complex:


... the preferred connection method is by VPN account. This is the preferred method because it avoids opening TCP Port 3389 to allow traffic through your firewall.

Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
 