I'm no Windows expert, but part of my standard XP setup routine is to disable
several services which various sources have called security risks.  "Terminal
services" is one of the ones I always disable.

In XP, go to control-panel | administrative tools | services.

Or, the Cisco might have ways to make sure that certain open ports can only go
to certain IP addresses.  I don't think any specific port has to expose all
the servers.  My cheapo dsl modem / router can do this, so if Cisco can't
something is off.

----- Original Message ----- 
From: "Shawn Gordon" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Friday, June 13, 2008 13:40
Subject: [HP3000-L] windows network login security


> I thought someone on this list might have some experience with this,
> a friend is asking for my help and I tend to focus more on Linux and
> Windows.  But they have a Windows network with several main servers,
> the problem seems to be these servers IP's are exposed to the world
> at large through their cisco router (which has selected ports open)
> and people can use terminal services to login.  There seems to be
> nothing other than a user id password required as long as that user
> is part of the remote access group, and everyone appears to have the
> Administrator password.
>
> any suggestions for software, procedures etc?  thanks.
>
>
> Regards,
>
> Shawn Gordon
> President
> theKompany.com
> www.thekompany.com
> www.mindawn.com
> 949-713-3276
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *