IIS Server Security - authentication

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > April 2004 > authentication





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author authentication
Lance

2004-04-27, 6:35 pm

I'm researching authentication of Windows 2000 terminal services and IIS over the Internet. No VPN and no SSL in place but we do have an appropriately configured firewall. Everything works fine but I'm concerned as to whether or not I'm exposing the usern
ame and password to the public Internet.

ANy security experts out there know if Microsoft encrypts the username/password when connecting to terminal server OVER A PUBLIC INTERNET?

Regards from Indianapolis
Keith W. McCammon

2004-04-28, 10:34 am

You want the terminal server or windows groups. This group is for IIS
questions.

"Lance" <anonymous@discussions.microsoft.com> wrote in message
news:E1F727F4-DEFF-466C-ABD1-908604FC41E3@microsoft.com...
> I'm researching authentication of Windows 2000 terminal services and IIS
over the Internet. No VPN and no SSL in place but we do have an
appropriately configured firewall. Everything works fine but I'm concerned
as to whether or not I'm exposing the username and password to the public
Internet.
>
> ANy security experts out there know if Microsoft encrypts the
username/password when connecting to terminal server OVER A PUBLIC INTERNET?
>
> Regards from Indianapolis


Ken Schaefer

2004-04-28, 10:34 am

When using Terminal Services, the credentials are encrypted.

Now, this is an IIS group - nothing to do with TS. If you want more
detailed, under the covers, info, please try a TS group where the experts
hang out. :-)

Cheers
Ken

"Lance" <anonymous@discussions.microsoft.com> wrote in message
news:E1F727F4-DEFF-466C-ABD1-908604FC41E3@microsoft.com...
: I'm researching authentication of Windows 2000 terminal services and IIS
over the Internet. No VPN and no SSL in place but we do have an
appropriately configured firewall. Everything works fine but I'm concerned
as to whether or not I'm exposing the username and password to the public
Internet.
:
: ANy security experts out there know if Microsoft encrypts the
username/password when connecting to terminal server OVER A PUBLIC INTERNET?
:
: Regards from Indianapolis


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com