On Wed, 21 Oct 2009, Edward Ned Harvey wrote: >> RDP can be configure to always use encryption, and then to do token >> authentication in addition to normal userid/password authentication. >> >> I cringe a bit at exposing anything that microsoft has written to the >> Internet, but I have not heard of problems with this specific setup. > > Ain't no way I'm exposing RDP to the internet. Even if there is a > reasonable way to secure it (I certainly don't see any SSL controls under > "My Computer / Properties / Remote") it would simply be unmanageable ... a > new firewall rule and a new external IP (or nonstandard port mapping) ... > for every lab workstation in the company... No way. > > VPN is the answer. Or else something like citrix.
the only way I would do it for more than a handful of systems would be to use one box with RDP as a 'jump box' like you would citrix. it may be that the encryption is only there with terminal services, not on a standard system. I'm not familiar enough to know where it is, but I know there are options to force 128 bit encryption on it. David Lang _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
