Discussion:
Vulnerability / Virus
(too old to reply)
CC
2005-07-19 15:42:08 UTC
Permalink
Is there any significant vulnerability when allowing unknown computers to
access a Terminal Server via Remote Desktop? We are currently allowing
user’s access with a company provided laptop, but the thought is to allow
employees to access to the server from their home computers. My concern is
mainly that they could infect the server with a virus / Trojan.

There is no way that we could control whether or not their machines have the
latest virus protection files etc... Are there any security issues we should
be aware of?
Marvin P. Winterbottom
2005-07-19 16:39:08 UTC
Permalink
I don't believe there's a virus/trojan that goes from the local computer,
over the rdp connection, to the server. The greatest danger is letting users
surf the web on the server, then you have to constantly be monitoring the
server for spyware.
Post by CC
Is there any significant vulnerability when allowing unknown computers to
access a Terminal Server via Remote Desktop? We are currently allowing
user’s access with a company provided laptop, but the thought is to allow
employees to access to the server from their home computers. My concern is
mainly that they could infect the server with a virus / Trojan.
There is no way that we could control whether or not their machines have the
latest virus protection files etc... Are there any security issues we should
be aware of?
Lucvdv
2005-07-20 10:09:56 UTC
Permalink
Post by Marvin P. Winterbottom
I don't believe there's a virus/trojan that goes from the local computer,
over the rdp connection, to the server. The greatest danger is letting users
surf the web on the server, then you have to constantly be monitoring the
server for spyware.
But be careful with installing anti-spyware products on the server,
there's at least one (Webroot SpySweeper) that can render terminal
services unaccessible.

Symptoms: one connection can be made after boot, from the second attempt
on you get an error message "Attempt to send a message to a disconnected
communication port", event ID 55, in the server's event log.

I had the problem, and Google came up with this:
http://www.computing.net/windows2000/wwwboard/forum/62214.html

After I did as the poster indicated in the second message, the problem
went away. It could be an (un)lucky coincidence, but that would make at
least two of them.

Loading...