Hosting Provided By

RE: Secure / Encrypt Terminal Services

From: epic <epic(at)surrealideas.com>
Date: Tue Nov 26 2002 - 16:26:08 EST

There was a pretty decent paper on securityfocus about 2 months ago about doing this a number of ways. I will search and provide the link below if I find it.

My suggestion would be to use an encrypted tunnel between client and server, whether this uses an app like stunnel, or a VPN providing encryption is up to you.

http://online.securityfocus.com/infocus/1629

I have used stunnel, and zebedee to do a few various services using encryption, and I believe zebedee to work fine for terminal services. You will want to read the link above.

If you have any questions, let me know.

-----Original Message-----

From: ohnonono@hushmail.com [mailto:ohnonono@hushmail.com] Sent: Thursday, November 21, 2002 7:22 AM To: focus-ms@securityfocus.com
Subject: Secure / Encrypt Terminal Services

-----BEGIN PGP SIGNED MESSAGE-----
Does the community have an opinion on which is the best way to do this? Can it be done via IP-Sec? Basically we have a machine (tripwire manager) that will have access to all our networks. Due to politics (gotta love security made insecure by politics) it must be remotely managed. The CIO (god bless CIO's) has decided that we will use terminal services. Is there a way to encrypt the traffic so it is not flying around the network in clear text? Would IP-Sec be the recomended solution?

Suggestions or links (or gentle shoves) to the information would be great.

Do you need help?

Thanks

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wl0EARECAB0FAj3c67gWHG9obm9ub25vQGh1c2htYWlsLmNvbQAKCRAuXN+1lPsfqYk9 AJ4ndm/CgplNAjJHfTV5oSgPLfoYYwCfYUHT6Cta9Or1jTiu4KGfYokrjYg= =2bx1
-----END PGP SIGNATURE-----
Get your free encrypted email at https://www.hushmail.com Received on Thu Nov 28 15:59:06 2002

This message: [ Message body ]
Next message: Fraser Hugh: "RE: Question: Buffer Overrun in Microsoft Data Access Components Coul d Lead to Code Execution (Q329414)"
Previous message: Brad Bemis: "RE: Question: Buffer Overrun in Microsoft Data Access Components Coul d Lead to Code Execution (Q329414)"
In reply to: ohnonono(at)hushmail.com: "Secure / Encrypt Terminal Services"
In reply to Deus, Attonbitus: "RE: Any way to remove ADMIN$ only?"
Next in thread: Stacy Olivas: "RE: Secure / Encrypt Terminal Services"
Reply: Stacy Olivas: "RE: Secure / Encrypt Terminal Services"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:25 EDT