How about Hamachi?
Works over SSL, and also allows you to "see" which of your machines are up and running and you can RDP to them.
Wont work if your LEA has blocked access to the DNS entries for *.logmein.com unfortunately.
We did have rdp setup for remote access on 3 of our servers. Shortly after doing this we had security breaches, "unknown accounts" appearing in user profiles, symantec detecting tamper attempts and virus alerts.
The servers do have external ip addresses, so whether thats the problem im unsure. Also I know you can restrict users/user groups who are allowed to access the server this way but is it possible to add another level of authentication before you get to the login prompt? like what you get in VNC.
I use rdp for server access and ssl explorer for file access. I've still got version 1.0.0_RC17 here if you can't find it.
Is it possile regardless of whether your servers have external ip addresses or not, to only allow ip's of hosts on the internal network to connect to the servers via rdp? I'd like to use it inside school but keep it secure so it cannot be accessed outside by "ip scanners" is this possible?
Just don't forward the necessary port then. (3389 iirc)
Here is a reason why not to have your router managed by someone else:
I phoned up RM (yes I know!) and asked if they could block port 3389 on the router, eventually after many questions they understood what I was asking for and proceeded to make the change. They requested I reboot the router which I did to then find they had blocked every port apart from port 80!
After going backwards and forwards to update the support call and pretty much doing it for them they unblocked the email ports and the other ports we needed. What a nightmare though I only wanted one port blocked! lol
I use RDP but it's blocked unless i need it, if i do i just remote logon to our proxy and open it up then close it again afterwards.
VPN + RDP here just works so no need to change very fast, our LEA use logmein but it seems slow could be our ISP but then again not.
It could be that they've messed up the access control lists. It can be quite easy to do if it's a cisco router.
There are currently 1 users browsing this thread. (0 members and 1 guests)