Thread: Administering your Windows Servers with N900
View Single Post
OrangeBox is offline OrangeBox
2010-01-15 , 18:18
Banned | Posts: 291 | Thanked: 42 times | Joined on Dec 2009
#15
Originally Posted by rewt View Post
Let's start with these points...
1. Opening RDP to the world, to administer from one remote device is a bad idea.
I disagree. This is how millions of Windows Servers are being administered around the world. When VPN is not an option, we usually lock down access for the source IP. This should work even for people who are on DSL at home since the IP does not change that often. Also username, password, domain name must be given.
Originally Posted by rewt View Post
Let's start with these points...
2. Although RDP is encrypted, there is no verification of the server's identity by default - this makes it possible for man-in-the-middle attacks.
Yes, by default is the key here. I let you write up a tutorial for the certificates ;-) to prevent MIMs
Originally Posted by rewt View Post
Let's start with these points...
3. AFAIK rdesktop doesn't support TLS, so enabling it to reduce the risk of a man-in-the-middle attack is not an option.
And the point here is?
Originally Posted by rewt View Post
Let's start with these points...
4. VPN is good. Off the top of my head, OpenVPN and vpnc (Cisco compatible VPN client) are both available for Maemo, so there is no reason not to use it.
PPTP is by far the easiest VPN configuration. Hope Maemo will add support to it. OTOH most mainstream firewalls allow you to connect via IPSEC and SSL-VPN in addition to PPTP.