Guest Boe Posted July 24, 2007 Posted July 24, 2007 Hello, If I use the a firewall and open up just port 3389 from specfic IPs and use RDP from those IPs to get to a waiting PC, am I OK or am I required to use a secured VPN client first?
Guest Sooner Al [MVP] Posted July 24, 2007 Posted July 24, 2007 Re: Sarbanes Oxley - RDP OK? "Boe" <boe_d@hotmail.com> wrote in message news:eF7kpBgzHHA.4276@TK2MSFTNGP05.phx.gbl... > Hello, > > If I use the a firewall and open up just port 3389 from specfic IPs and > use RDP from those IPs to get to a waiting PC, am I OK or am I required to > use a secured VPN client first? > If you use a *STRONG* password in general you should be safe. Is this in a corporate environment, ie. accessing a Terminal Server, or for home use, ie. accessing a home PC or PCs? For home users I recommend running Remote Desktop through a Secure Shell (SSH) tunnel because... 1. You can use a private/public key pair protected with a password for strong authentication versus a password only (strong or otherwise). 2. You can access more than one PC behind a router or firewall by only opening one port versus multiple ports. Corporate users should consult their network admins about this. More than likely a VPN will be required to access the corporate network first before connecting with Remote Desktop. The bottom line is a VPN or SSH tunnel is NOT required but it is good to use, IMHO... -- Al Jarvi (MS-MVP Windows Networking) Please post *ALL* questions and replies to the news group for the mutual benefit of all of us... The MS-MVP Program - http://mvp.support.microsoft.com This posting is provided "AS IS" with no warranties, and confers no rights... How to ask a question http://support.microsoft.com/KB/555375
Guest Sam Hobbs Posted July 24, 2007 Posted July 24, 2007 Re: Sarbanes Oxley - RDP OK? "Boe" <boe_d@hotmail.com> wrote in message news:eF7kpBgzHHA.4276@TK2MSFTNGP05.phx.gbl... > Hello, > > If I use the a firewall and open up just port 3389 from specfic IPs and > use RDP from those IPs to get to a waiting PC, am I OK or am I required to > use a secured VPN client first? Required by what? Your subject has Sarbanes Oxley in it, but it would help to state explicitly in the question that it is what you are asking about. I am not a Sarbanes-Oxley expert, but I have read about it. It essentially says that management is responsible for doing whatever is reasonable to ensure that nothing improper is done. It is not specific about how to do that.
Recommended Posts