f



remote desktop ports

hi,I want to install a firewall infront of a server (w2k3) ,but
I have to reach it  via remote desktop (formerly terminal service)

I imagine
3389/tcp    microsoft-rdp       Microsoft Terminal Service

is enough, but what are these ports:

135/tcp   open     msrpc               Microsoft Windows RPC
1025/tcp  open     msrpc               Microsoft Windows RPC
1026/tcp  open     msrpc               Microsoft Windows RPC
1031/tcp  open     msrpc               Microsoft Windows RPC
1033/tcp  open     msrpc               Microsoft Windows RPC
2105/tcp  open     msrpc               Microsoft Windows RPC


thanks for your help

0
2/13/2006 8:28:57 AM
comp.security.firewalls 10672 articles. 0 followers. dfinc1988 (97) is leader. Post Follow

11 Replies
788 Views

Similar Articles

[PageSpeed] 20

<sillymartin@gmail.com> wrote in message 
news:1139819337.388485.185820@g47g2000cwa.googlegroups.com...
> hi,I want to install a firewall infront of a server (w2k3) ,but
> I have to reach it  via remote desktop (formerly terminal service)
>
> I imagine
> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
>
> is enough, but what are these ports:
>
> 135/tcp   open     msrpc               Microsoft Windows RPC
> 1025/tcp  open     msrpc               Microsoft Windows RPC
> 1026/tcp  open     msrpc               Microsoft Windows RPC
> 1031/tcp  open     msrpc               Microsoft Windows RPC
> 1033/tcp  open     msrpc               Microsoft Windows RPC
> 2105/tcp  open     msrpc               Microsoft Windows RPC
>
>
> thanks for your help
>

rpc stands for Remote Proceedure Call. Do not open these ports on your 
firewall.

Systemguy 


0
Me1114 (20)
2/13/2006 2:21:49 PM
sillymartin@gmail.com wrote:
> hi,I want to install a firewall infront of a server (w2k3) ,but
> I have to reach it  via remote desktop (formerly terminal service)
> 
> I imagine
> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
> 
> is enough,

Correct.

> but what are these ports:
> 
> 135/tcp   open     msrpc               Microsoft Windows RPC
> 1025/tcp  open     msrpc               Microsoft Windows RPC
> 1026/tcp  open     msrpc               Microsoft Windows RPC
> 1031/tcp  open     msrpc               Microsoft Windows RPC
> 1033/tcp  open     msrpc               Microsoft Windows RPC
> 2105/tcp  open     msrpc               Microsoft Windows RPC

135/tcp is the RPC portmapper, the other ports are probably services
using RPC (1025/tcp might be task scheduler, 1026/tcp w32time, etc.).
Use "netstat -anb" to find out what process is listening on each of
these ports.

cu
59cobalt
-- 
"Der Computer ist da, um zu rechnen, nicht um Ausreden wie 'Kann nicht
durch Null teilen' auf den Bildschirm zu schreiben."
--Marco Haschka in de.org.ccc
0
usenet-2006 (285)
2/13/2006 3:57:45 PM
sillymartin@gmail.com wrote:
> hi,I want to install a firewall infront of a server (w2k3) ,but
> I have to reach it  via remote desktop (formerly terminal service)
> 
> I imagine
> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
> 
> is enough,

Correct. However, you'll probably want to tunnel that connection through
SSH or a VPN and not make port 3389 publicly available.

> but what are these ports:
> 
> 135/tcp   open     msrpc               Microsoft Windows RPC
> 1025/tcp  open     msrpc               Microsoft Windows RPC
> 1026/tcp  open     msrpc               Microsoft Windows RPC
> 1031/tcp  open     msrpc               Microsoft Windows RPC
> 1033/tcp  open     msrpc               Microsoft Windows RPC
> 2105/tcp  open     msrpc               Microsoft Windows RPC

135/tcp is the RPC portmapper, the other ports are probably services
using RPC (1025/tcp might be task scheduler, 1026/tcp w32time, etc.).
Use "netstat -anb" to find out what process is listening on each of
these ports.

cu
59cobalt
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
0
usenet-2006 (285)
2/13/2006 4:15:22 PM
"Ansgar -59cobalt- Wiechers" <usenet-2006@planetcobalt.net> wrote in message 
news:45bpkqF5vti5U1@individual.net...
> sillymartin@gmail.com wrote:
>> hi,I want to install a firewall infront of a server (w2k3) ,but
>> I have to reach it  via remote desktop (formerly terminal service)
>>
>> I imagine
>> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
>>
>> is enough,
>
> Correct. However, you'll probably want to tunnel that connection through
> SSH or a VPN and not make port 3389 publicly available.
>
<snip>

Why tunnel or vpn to port 3389? By default RDP uses encryption, 128 bit up 
to 256 bit. And why not use 3389 publically, I have been for the past 5 
years with no problems at all.

Wayne McGlinn
Brisbane, Oz 


0
wayne5003 (58)
2/15/2006 3:28:17 AM
In article <dsu765$jo9$1@nntp.aioe.org>, wayne@briz.oz says...
> 
> "Ansgar -59cobalt- Wiechers" <usenet-2006@planetcobalt.net> wrote in message 
> news:45bpkqF5vti5U1@individual.net...
> > sillymartin@gmail.com wrote:
> >> hi,I want to install a firewall infront of a server (w2k3) ,but
> >> I have to reach it  via remote desktop (formerly terminal service)
> >>
> >> I imagine
> >> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
> >>
> >> is enough,
> >
> > Correct. However, you'll probably want to tunnel that connection through
> > SSH or a VPN and not make port 3389 publicly available.
> >
> <snip>
> 
> Why tunnel or vpn to port 3389? By default RDP uses encryption, 128 bit up 
> to 256 bit. And why not use 3389 publically, I have been for the past 5 
> years with no problems at all.

because, like many other MS services, it could have a hole exposed at 
any moment. If you use a trusted appliance for a VPN end-point, 
typically a firewall, you don't have near the exposure level and you can 
place additional limits on the connections without exposing ANY MS 
services.

I never allow direct connection to the company servers/network and we've 
never had a single compromised computer/network in almost 30 years 
(although it was a lot different in those early days). 

-- 

spam999free@rrohio.com
remove 999 in order to email me
0
void6 (2855)
2/15/2006 11:42:21 AM
"Leythos" <void@nowhere.lan> wrote in message 
news:xsEIf.80027$tK4.45126@tornado.ohiordc.rr.com...
> In article <dsu765$jo9$1@nntp.aioe.org>, wayne@briz.oz says...
>>
>> "Ansgar -59cobalt- Wiechers" <usenet-2006@planetcobalt.net> wrote in 
>> message
>> news:45bpkqF5vti5U1@individual.net...
>> > sillymartin@gmail.com wrote:
>> >> hi,I want to install a firewall infront of a server (w2k3) ,but
>> >> I have to reach it  via remote desktop (formerly terminal service)
>> >>
>> >> I imagine
>> >> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
>> >>
>> >> is enough,
>> >
>> > Correct. However, you'll probably want to tunnel that connection 
>> > through
>> > SSH or a VPN and not make port 3389 publicly available.
>> >
>> <snip>
>>
>> Why tunnel or vpn to port 3389? By default RDP uses encryption, 128 bit 
>> up
>> to 256 bit. And why not use 3389 publically, I have been for the past 5
>> years with no problems at all.
>
> because, like many other MS services, it could have a hole exposed at
> any moment. If you use a trusted appliance for a VPN end-point,
> typically a firewall, you don't have near the exposure level and you can
> place additional limits on the connections without exposing ANY MS
> services.
>
> I never allow direct connection to the company servers/network and we've
> never had a single compromised computer/network in almost 30 years
> (although it was a lot different in those early days).
>
Ok, I'll admit to running a Checkpoint Firewall in front :) But still, by 
using a ssl-like mechanism to secure the RDP channel, it's as least as 
secure as SSH (128 bit-wise, I mean) And yes, there could be a hole, but by 
following best practices in regard to Terminal Serives logon permissions, 
Anonymous User and the group Everyone's NTFS permissions, I'm confident it's 
pretty safe. Like you, I've been resposible for a multitude of networks, 
from Netware 2.15, NT 3.5, Solaris 2.3 and onwards. Open the front door, but 
direct them into a lockable reception area.

Wayne 


0
wayne3999 (19)
2/15/2006 12:10:02 PM
In article <43f31a04$1@quokka.wn.com.au>, wayne@removeme.murrumba.net 
says...
> 
> "Leythos" <void@nowhere.lan> wrote in message 
> news:xsEIf.80027$tK4.45126@tornado.ohiordc.rr.com...
> > In article <dsu765$jo9$1@nntp.aioe.org>, wayne@briz.oz says...
> >>
> >> "Ansgar -59cobalt- Wiechers" <usenet-2006@planetcobalt.net> wrote in 
> >> message
> >> news:45bpkqF5vti5U1@individual.net...
> >> > sillymartin@gmail.com wrote:
> >> >> hi,I want to install a firewall infront of a server (w2k3) ,but
> >> >> I have to reach it  via remote desktop (formerly terminal service)
> >> >>
> >> >> I imagine
> >> >> 3389/tcp    microsoft-rdp       Microsoft Terminal Service
> >> >>
> >> >> is enough,
> >> >
> >> > Correct. However, you'll probably want to tunnel that connection 
> >> > through
> >> > SSH or a VPN and not make port 3389 publicly available.
> >> >
> >> <snip>
> >>
> >> Why tunnel or vpn to port 3389? By default RDP uses encryption, 128 bit 
> >> up
> >> to 256 bit. And why not use 3389 publically, I have been for the past 5
> >> years with no problems at all.
> >
> > because, like many other MS services, it could have a hole exposed at
> > any moment. If you use a trusted appliance for a VPN end-point,
> > typically a firewall, you don't have near the exposure level and you can
> > place additional limits on the connections without exposing ANY MS
> > services.
> >
> > I never allow direct connection to the company servers/network and we've
> > never had a single compromised computer/network in almost 30 years
> > (although it was a lot different in those early days).
> >
> Ok, I'll admit to running a Checkpoint Firewall in front :) But still, by 
> using a ssl-like mechanism to secure the RDP channel, it's as least as 
> secure as SSH (128 bit-wise, I mean) And yes, there could be a hole, but by 
> following best practices in regard to Terminal Serives logon permissions, 
> Anonymous User and the group Everyone's NTFS permissions, I'm confident it's 
> pretty safe. Like you, I've been resposible for a multitude of networks, 
> from Netware 2.15, NT 3.5, Solaris 2.3 and onwards. Open the front door, but 
> direct them into a lockable reception area.

I think you've still missed the point, based on your statement "it's as 
least as secure as SSH (128 bit-wise, I mean)" - the point is to NOT 
expose Windows to the public in a means where a exploit would grant 
access to the server/network.

In this case RDP does NOT need to be exposed directly as there are 
viable, proven, more secure, means available to provide access to the 
network. As a simple example, even a PPTP connection between a remote 
user and the firewall, where the user is required to PPTP end-point into 
the firewall, and then limited to TCP3389 to a specific LAN IP for his 
RDP session, is more secure than just allowing TCP3389 to LAN IP. I've 
not seen the Firewall PPTP cracked yet, and since we Admin types issue 
firewall user names and passwords that users can't change, we get the 
ability to make a firewall vpn end-point login as hard as we want and we 
ensure that the user/pass for the vpn doesn't match the LAN user/pass so 
that a second login is required to get access.

"And yes, there could be a hole, but by following best practices in 
regard to Terminal Serices logon permissions" this tells me a lot, don't 
take this as an attack, more a warning, but you need to understand that 
there are a couple things here: There is the right way, the wrong way 
and the Microsoft way, which may not be either of the first two. When it 
comes to security I never rely on the OS to be the protection, I use two 
or more layers and never expose the OS, even Linux, directly.

If you adopt this method and make it your standard you'll have customers 
that come to you and say "Wow, did you see how all those companies got 
hit by that worm/virus/attack, how come things like that never happen to 
us?". I've never had a customer hacked in all my years and we handle 
clients as small as 10 node doctor offices and as large as government 
agencies with several hundred nodes to medical centers with hundreds of 
nodes across multiple locations with multiple external business partner 
connections.

-- 

spam999free@rrohio.com
remove 999 in order to email me
0
void6 (2855)
2/15/2006 7:16:53 PM
sillymartin@gmail.com wrote:
> hi,I want to install a firewall infront of a server (w2k3) ,but
> I have to reach it  via remote desktop (formerly terminal service)

Then you could use an ssh tunnel, for example.

Yours,
VB.
-- 
> My windows XP is updated for all critical updates including survive pack 2.
Norman Perry in c.s.f
0
bumens (2698)
2/17/2006 10:14:34 PM
Wayne <wayne@briz.oz> wrote:
> Why tunnel or vpn to port 3389? By default RDP uses encryption, 128 bit up 
> to 256 bit.

Better don't trust in it. And what should "128bit" or "256bit" tell us
about security?

> And why not use 3389 publically, I have been for the past 5 
> years with no problems at all.

Yes. With no problems at all, at least no problems you did realize.

Yours,
VB.
-- 
> My windows XP is updated for all critical updates including survive pack 2.
Norman Perry in c.s.f
0
bumens (2698)
2/17/2006 10:15:57 PM
"Volker Birk" <bumens@dingens.org> wrote in message 
news:43f64b1d@news.uni-ulm.de...
> Wayne <wayne@briz.oz> wrote:
>> Why tunnel or vpn to port 3389? By default RDP uses encryption, 128 bit 
>> up
>> to 256 bit.
>
> Better don't trust in it. And what should "128bit" or "256bit" tell us
> about security?
>
>> And why not use 3389 publically, I have been for the past 5
>> years with no problems at all.
>
> Yes. With no problems at all, at least no problems you did realize.
>
> Yours,
> VB.

No problems, full stop, Volker. I see ports probes at times, but no logon or 
logon attempts to my DC.

Wayne 


0
wayne5003 (58)
2/19/2006 9:23:14 PM
Wayne wrote:
> "Volker Birk" wrote in message news:43f64b1d@news.uni-ulm.de...
>> Wayne <wayne@briz.oz> wrote:
>>> And why not use 3389 publically, I have been for the past 5 years
>>> with no problems at all.
>>
>> Yes. With no problems at all, at least no problems you did realize.
> 
> No problems, full stop, Volker. I see ports probes at times, but no
> logon or logon attempts to my DC.

There's more things, Horatio, than port probes and logon attempts.

Like Volker said: no problems you realized.

cu
59cobalt
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
0
usenet-2006 (285)
2/20/2006 3:00:10 PM
Reply:

Similar Artilces:

Symantec 200R Firewall port forwarding remote desktop security
Hi, I have set up the 200R to allow a virtual server for port 3389 so that I can connect to our remote server using terminal services to the public Internet IP address. It all works OK but I have disabled it because of security reasons. Two questions:- Is there any way to tie down this access to my own PC or network? Can I make the port appear in Stealth mode rather than Open? Regards, Vic Vic Russell wrote: > Hi, > I have set up the 200R to allow a virtual server for port 3389 so that I > can connect to our remote server using terminal services to the public > Internet ...

remote desktop security
Need to learn a little more about securing remote desktop. Using and SMC router with wep. Have a secret port accessed. Would prefer not to use my admin account when logging in, but if I leave the home computer on in a particular profile, I am not able to log into another one from a remote computer. That's confusing me. I guess I can leave on an admin account and then when I log in I may be able to log out and log into a non admin account. I'm wondering if any additional security is needed. I'm not an expert so I need plain english. Thank you. ...

Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005
Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- Security programs 2005 - Utimaco SafeGuard Advanced Security v4.30.0.335 Multi CD NR 17 543 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Base Module Multi CD NR 17 544 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Ser...

Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005
Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- Security programs 2005 - Utimaco SafeGuard Advanced Security v4.30.0.335 Multi CD NR 17 543 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Base Module Multi CD NR 17 544 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Multi CD NR 17 545 Symantec Norton Internet Security 2005 CD NR 17 234 Symantec Client Security Corporate Edition v2.0 CD NR 15 321 Symantec Mail Security for Microsoft Exchange 4.0 CD NR 13 364 Steganos Internet Security 7 CD NR 16 968 McAfee Internet Security Suite V7.0 2005 CD NR 16 727 Security Service (c) McAfee CD NR 11 362 Symantec Norton Internet Security v3.0 For Mac OSX CD NR 12 698 Microsoft Windows XP SP2, With Advanced Security Technologies. CD NR 16 244 PANDA PLATINUM INTERNET SECURITY V8.05 SUB100 CD NR 16 096 Panda Platinum Internet SEcurity *Englsih-Spanish* 14 184 IBM Tivoli Security Manager v5.1 (c) IBM CD NR 15 750 Finjan Vital Securit...

Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005
Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- Security programs 2005 - Utimaco SafeGuard Advanced Security v4.30.0.335 Multi CD NR 17 543 Utimaco SafeGuard Advanced Security v4.30.0.335 Terminal Server Base Module Multi CD NR 17 544 Utimaco SafeGuard Advanced Security v4.30.0.335 ...

pgp programs 2005 -, Security programs 2005
pgp programs 2005 -, Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- pgp programs 2005 - PGP.CommandLine.for.Linux.v8.5.0 PGP.CommandLine.for.Solaris.v8.5.0 PGP.CommandLine.v8.5.0 (week 31/2004) PGP.Desktop.v8.1.for.Windows PGP.Personal.Desktop.v8.1.for.Macintosh (week 26/2004) PGP.Enterprise.v8.0.3 (week 49/20030 PGP.v8.0.3 (week 42/2003) 15/...

pgp programs 2005 -, Security programs 2005
pgp programs 2005 -, Security programs 2005 - , Firewall programs 2005 -, Antivirus programs 2005 -, APPDEV DOT NET SECURITY, Linux Security and Firewall programs 2005 -, CiscoWorks ( CW ) Security programs 2005 - , ---------------------------------------------------------------------------- pgp programs 2005 - PGP.CommandLine.for.Linux.v8.5.0 PGP.CommandLine.for.Solaris.v8.5.0 PGP.CommandLine.v8.5.0 (week 31/2004) PGP.Desktop.v8.1.for.Windows PGP.Personal.Desktop.v8.1.for.Macintosh (week 26/2004) PGP.Enterprise.v8.0.3 (week 49/20030 PGP.v8.0.3 (week 42/2003) 15/...

security of reverse port on the firewall
I can't seem to find any discussions on the security of opening a reverse port of a firewall for NTP. I would have thought this was a fairly important point of discussion or is it not? Can anyone point me to info on this item? Don Don S wrote: >I can't seem to find any discussions on the security of opening a reverse >port of a firewall for NTP. I would have thought this was a fairly important >point of discussion or is it not? Can anyone point me to info on this item? > >Don > > If you limit port 123 to UDP, I don't see that there is much, if any, hazard...

Remote Desktop Web Connection Security
So I've got a Linksys wireless router (BEFW11S4 v2) and an XP machine that has the following things setup: Internet Connection Firewall Enabled with Port 3200 and the same with port 3389. IIS Setup to run on Port 3200. Remote Assistance and Remote Desktop enabled and a user selected. Router has IPSec and PPTP Pass Through Enabled MTU is set to 1482 and Enabled DMZ Host is set to XP machine's IP address Ports 3200 and 3389 are set to use both TCP and UDP and are forwarded to the XP Machine's IP address In this way using these settings I've been able to connect t...

Configuring F-Secure Firewall Ports
Hi, I am trying to get my firewall ports forwarded to use bit torrent (easytree.org). When I go into F-Secure, it asks me for "Initiator" and "Responder" ports. Which ports should I designate for each? Are 6881-6889 the "Initiator" ports? After my username on easytree it shows 26074 as being the blocked port. Any advice would be appreciated. Thanks! Sophie Use TCP 6969 as the Initiator and TCP 6881-6889 as the Responder Activate by selecting the above service under the Rules tab take a note on the order of the rules though, your deny everything should ...

Citrix, VPN, Remote Desktop and Wireless security
I'm going to be opening a doctor's office, with a computer system run off a server in the office. I'd like to be able to access the system remotely when I'm sitting at home, or even in a coffee shop through their wireless network. I have 2 questions: 1) How do I best set up the access itself? I have been advised that the Windows remote desktop is the most economical approach to be able to get into my system, but I'm concerned that it might be slow. I've been advised to try GoToMyPC as well, but this would probably be slower than I'd like. Currently,...

MS Remote Desktop for Mac Ports needed
have a Mac OS 10.4 where I want to setup a remote desktop server(1 user -at home logging in) What ports need to be open on Firewall for the Mac in the office acting as the server? Regards cr NewsGroup: > have a Mac OS 10.4 where I want to setup a remote desktop server(1 > user -at home logging in) What ports need to be open on Firewall for the > Mac in the > office acting as the server? Open the 'Sharing' System Preferences pane, go to 'Firewall' and hover the cursor over 'Apple Remote Desktop', wait a second and it will tell you which ports a...

Cisco 837 - Port fowarding question
Here's my situation: At work I'm using remote desktop (port 3389) to get to home PC. My work firewall has most ports blocked on inside to outside. My 827 has the following commands: ip nat inside source static tcp 192.168.1.7 3389 interface Dialer1 3389 access-list 111 permit tcp any any eq 3389 My only security is my username and password and the fact I'm using DynDNS which helps a little. Obviously I want to change the port to something obscure. Here's the solution (that won't work in my case.) From work; dynDNSname:34600 From home: ip nat inside source static tcp...

Configuring F-Secure Firewall Ports for Bit Torrent
Hi, I am trying to get my firewall ports forwarded to use bit torrent (easytree.org). When I go into F-Secure, it asks me for "Initiator" and "Responder" ports. Which ports should I designate for each? Are 6881-6889 the "Initiator" ports? After my username on easytree it shows 26074 as being the blocked port. Any advice would be appreciated. Thanks! Sophie ...

Remote desktop connection via DSL-500 firewall.
Hi I have a DSL-500 with the latest firmware loaded, NAT enabled, a DMZ setup to a non-existent IP (stealthed ports), and port 3389 forwarded to a PC on the LAN (192.168.0.111). If the firewall is disabled, remote desktop works fine. If I enable the firewall RDP doesn't work. Q1. Is the firewall really necessary, since all ports except 3389 are stealthed, and all PC's are behind NAT? Q2. What, if any, are the security implications of leaving port 3389 open? Q3. Has anyone successfully got RDP working with the DSL-500 firewall? The rule (one of many) I have setup to allow port 33...

Norton Internet Security 2003 & remote desktop connection with Win XP
Hello, I have windows XP Pro on my computer with the home edition of NIS 2003. I tried already everything to connect with my PC from remote position but if my NIS firewall is on it want work. I tried to change the rule already but with no success. If I put my firewall off it works immediately so the problem is definitely there. Does anyone know what to change in my settings? Thank you very much for replying, Dino Dino, Most of the people who know how to do this aren't going to tell you. Why? In the first place, they're unlikely to do it themselves, because they would just be p...

Security check on firewall and workstations behind the firewall
Hi, What procedures should be carried out to thoroughly check security on a network comprised of one Windows 2000 Server running the CHX-I packet filter from http://www.idrci.net (and also configured to do NAT and share an internet connection) and several Windows 2000 Professional workstations ? It's two things that I have to analyze: 1) Security on the server itself, and 2) (In)accessibility to internal workstations from the public Internet. E-mail and web surfing are the only Internet services -so to say- they are allowed to do. I would like to know what is the standard procedure to carry out such checks, I mean, what tests should be done and what software tools (from Microsoft or third parties) for security analysis/audit should be used. As an additional note, the operating system on the server and workstations is automatically updated and Norton Antivirus (retail version on the workstations and Corporate Edition on the server) is installed. Thank you. Fernando Ronci E-mail: fernandoronci@hotmail.com ...

Remote Desktop (XDMCP) works on LAN, but not remote location.
Following the suggestions of others on my previous thread "Can't log into remote desktop XDMCP" http://groups.google.com/group/comp.unix.solaris/browse_thread/thread/796f16d1fc0f3c65 I now have this working on my LAN. i.e I can now access more than one machine from the Solaris login page by selecting a remote system. But 'remote' in this context is only working for machines on the same subnet - not from anywhere else. I've set up the modem/router/firewall to route UDP port 177 and TCP Port 6000 to this machine from the outside. (IP filter runs on the workst...

Ports for DB2 behind firewall / ssh port forward
hi newsgroup, I'd like to connect to a remote DB2 Database V 8.2 using the "DB2 Steuerzentrale" (I guess it's called something like "DB2 management console" in the English version). Since the database host is behind a firewall I tried to communicate through ssh port forwarding. Therefore, I run: ssh -L 6789:remotename:6789 -L 50000:remotename:50000 -L 50001:remotename:50001 -L 523:remotename:523 remotename Though the ssh connection is established, my "DB2 Steuerzentrale" won't connect to localhost successfully and shows an error num...

How do I: Switchport port-security on Pix 501 Switch Ports
I have a bunch of remote fire stations on a nailed vpn over cable to our internal network. I need to be able to do something similar to what I do with switches: switchport port-security switchport port-security mac-address sticky These folks keep bringing in personal laptops that are virus/malware infected and putting them on our network. Does anyone have any idea on how I can control these switch ports on the 501? Some models actually show the switch ports, but the eraly models, don'/ t even show the switchports on a 'sh int' Thank-you for any idea's. Bruce D. Meyer Bru...

How secure is the security from my security form?
Hey, I have a question about how secure the following will be.... I want to have a login form that posts to itself, so when it loads it checks if there is a username and password on the query list. If there is not, it asks for one. If there is, it checks to see if the information is valid. If it is not valid, it deletes the attributes and calls itself again. If it is valid it sets a particular session variable to be some value and redirects to the next page. Every page from there on in will check to see if the session variable is set and if not will redirect back to the login page. Are ...

Warning: remote port forwarding failed for listen port 4043
I have a script that does a port forwarding for me: ssh -n -R localhost:4043:localhost:22 remoteserver.example.com The problem with this is that if port forwarding fails, ssh prints Warning: remote port forwarding failed for listen port 4043 But it STAYS CONNECTED instead of properly failing with exit code. So it is a MAJOR pain to detect this condition and kill ssh. How can I change is so that, when report port forwarding cannot be accomplished, ssh exits right away? I think that it is a bug, period. thanks i >>>>> "Ignoramus3694" == Ignoramus3694 <ignoramus3694@NOSPAM.3694.invalid> writes: Ignoramus3694> I have a script that does a port forwarding for me: ssh Ignoramus3694> -n -R localhost:4043:localhost:22 Ignoramus3694> remoteserver.example.com Ignoramus3694> The problem with this is that if port forwarding fails, Ignoramus3694> ssh prints Ignoramus3694> Warning: remote port forwarding failed for listen port Ignoramus3694> 4043 Ignoramus3694> But it STAYS CONNECTED instead of properly failing with Ignoramus3694> exit code. Ignoramus3694> So it is a MAJOR pain to detect this condition and kill Ignoramus3694> ssh. Ignoramus3694> How can I change is so that, when report port Ignoramus3694> forwarding cannot be accomplished, ssh exits right Ignoramus3694> away? Reading the documentation [ssh_config(5)]: ExitOnForwardFai...

Desktop firewalls
Sorry if this question has been asked before, but I"m new to this group. Are desktop firewalls really necessary if I have a built-in firewall on my router? I do have open ports for my web server and email which I run on my Windows 2003 domain controller. Is my computer vulnerable or are there even some settings in my Domain Controller Security manager that can prevent any intrustions. If a desktop firewall is necessary, what are some of the better or even the best one I can get? TIA for any help/advice Rollin ...

Remote desktop
So we have a couple VMs at work, one of them Windoze, running on a Xen hypervisor. We have a Windoze box that we use to connect to the Windoze VM via Remote Desktop. We can also connect to the Windoze VM from any of the Windoze workstations. When we do that, every time, a little <laughing> "progress" dialog comes up saying "securing connections". And it trundles. And trundles. And trundles. Then it finally connects... most of the time. Sometimes it claims it cannot find the machine (by name) and it asks you to try the IP address instead. So I bring...

Web resources about - remote desktop ports - comp.security.firewalls

Active Desktop - Wikipedia, the free encyclopedia
Windows 95 or NT 4.0 with Internet Explorer 4.0, Windows 98, Windows 2000, Windows ME, Windows XP, Windows Server 2003 Active Desktop was a feature ...

Opera's desktop browser adds a built-in ad-blocker
... ads at the network level . And, as of today, Opera Software is also a member of this group. Opera Software just announced that its desktop ...

Snapchat used the Oscars to launch its web player — finally a way to share Snaps on desktop
... move from Snapchat to make content on the app more shareable. Until now, the only way to share a Snap (or a Snap from a Live Story) on desktop ...

This Russian all-in-one desktop is just quirky enough to attract attention
... left over from 1999. The latest entrant seems more promising but is still one to file under "curiosity." It's a 21.5-inch all-in-one desktop ...

Opera's desktop web browser gets built-in ad blocking
If you use a major desktop web browser, you usually have to hunt down an ad blocking add-on if you're determined to purge intrusive promos from ...

Computer Sales Continue to Evolve Away From Desktop PCs, Says Report
As desktop PC sales continue to fade, steady sales of laptops and portables appear to debunk the idea that PCs are dead, the report finds.

AMD launches XConnect, partners with Intel, Razer to drive desktop gaming on laptops
AMD's XConnect is designed to bridge the gap between mobile and desktop-class gaming hardware and give gamers the advantages of both.

AMD's XConnect Allows You To Connect Desktop Graphics Cards To Your Laptop For Better Performance
AMD's XConnect Allows You To Connect Desktop Graphics Cards To Your Laptop For Better Performance

Issue references and @mentions for GitHub Desktop
GitHub Desktop on both Windows and Mac now provides suggestions when mentioning team members, referencing Issues, and adding more to your commit ...

There's A Great New Google Music Desktop Player For Mac
There's good news for fans of Google Play Music, the search giant's answer to iTunes and Spotify. An updated version of Google Play Music Desktop ...

Resources last updated: 3/13/2016 4:31:42 AM