Re: Administering your Windows Servers with N900
 

Depends on "whose bunker"...there's a couple of people with personal bunkers in their backyards, waiting for "the big day".

:p

Either way, while the OP's idea is "nice to know", but there are just way too many issues to get into...for some situations. I had a good laugh though. Thoughts of SWAT teams with laser sights and 24hr coverage on FOX news were dancing through my head.

:D

Re: Administering your Windows Servers with N900
 

A large companies bunker. :)

Re: Administering your Windows Servers with N900
 

While I might not agree with the technique - I do have to say thanks to OrangeBox for the howto. Its a vast improvement from the normal troll and in some circumstances may be a good solution for an individual etc.

Thanks OB

Re: Administering your Windows Servers with N900
 

Fair enough, and justifiable enough. I was attempting to "humorously" make the point that, "that dog ain't gonna hunt", anywhere there are decent security measures in place....bunker locations included, be it corporate or fed., but more so at fed. Especially when you're at a site, leaning up against a server rack, and you realize your hand is covering a label that reads, "NORAD".

Re: Administering your Windows Servers with N900
 

I disagree. This is how millions of Windows Servers are being administered around the world. When VPN is not an option, we usually lock down access for the source IP. This should work even for people who are on DSL at home since the IP does not change that often. Also username, password, domain name must be given.
Yes, by default is the key here. I let you write up a tutorial for the certificates ;-) to prevent MIMs
And the point here is?
PPTP is by far the easiest VPN configuration. Hope Maemo will add support to it. OTOH most mainstream firewalls allow you to connect via IPSEC and SSL-VPN in addition to PPTP.

Re: Administering your Windows Servers with N900
 

By people not concerned about security - inexperienced admins, generally. It's trivial to configure a VPN using OpenVPN (free), or even MS Routing and Remote Access (free with MS Server OS). It's not unusual these days for most firewalls to include some sort of VPN functionality. There is no excuse for exposing potentially insecure services such as this to the world these days. Even Microsoft advises to open as few ports to the world as possible. You never know what the next vulnerability in RDP will be, and based on a quick look through old KB articles remote code executions and denial of service attacks aren't out of the realm of possibilities.

Even if they were told to do so and how, it would currently break access using rdesktop.

The only way to verify the identity of the remote server is using TLS. TLS is not supported by rdesktop, therefore there is no way to mitigate MITM attacks. Tunneling the traffic through a VPN greatly reduces the likelihood of a MITM attack, though, which is another reason I advise against access RDP without any other security mechanisms in place.

From what I can tell, MPPE support has not been built with the default Maemo kernel, so it'll take a bit of work to get a PPTP client up and running. Until then, there's nothing stopping you from using something else.