Note that requiring smart cards can be done per-server, as an option to configuring it at the account level.Ĭonfigure a perimeter network, place the remote desktop server in the perimeter, and use an inexpensive VPN to provide the access. This is typically expensive and found predominately in large organizations, however the options are improving (PhoneFactor comes to mind). Use smart cards or some other type of two-factor authentication. Configuring a firewall access rule to disallow outbound access by default, and a rule to allow outbound access only to internal/known networks and RFC 1928 subnets can mitigate the risk. ![]() ![]() Many of the more serious malware attempts to communicate back to their command and control server when it compromises your system. ![]() This is not very secure, hoowever, there are a few ways to strengthen security.ĭisallow Internet access from that server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |