Maybe use an ssh tunnel to do this
Regards Steve Cummings Barclays Capital DDI 0207 773 4245 -----Original Message----- From: Barrie Dempster [mailto:[EMAIL PROTECTED] Sent: 15 November 2005 08:50 To: maralisa Cc: [email protected]; [EMAIL PROTECTED] Subject: RE: break in? - terminal services on alternate port On Sat, 2005-11-12 at 09:00 -0800, maralisa wrote: > Paul, > > The smartest and best thing to do if you must open the terminal > services port to the world is to change the port that terminal services runs on. > I do this, and it never gets attacked. You should also change the name > of your administrator account. This is best practice. I've had my > terminal server accessible to the worls for literally year now with no > problems. Indeed a good step in cutting down on non-specific blanket scanning based attacks. Relatively little defence against a determined attacker going against you as a specific target however. One of the best reasons to advocate running remote access mechanisms, is the fact that it keeps your logs a lot cleaner. If all of a sudden you see some attempts to log-in you can be reasonably sure that it's a targeted attack rather than a blanket scan. This becomes useful when responding to the incident, blanket scans are an easy fix - however if someone appears to be targeting you specifically then there may be other ares of your infrastructure which require your attention and you will be able to respond appropriately. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3 ------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------ --------------------------------------------------------------------------- ---------------------------------------------------------------------------
