One great feature in Windows 2000 Server is Terminal Services. Before Win2K, you needed a separate version of Windows NT (Windows NT Server 4.0, Terminal Server Edition—WTS) to obtain and install Terminal Services. In Win2K Server, you can use the Control Panel Add/Remove Programs applet to enable Terminal Services. Terminal Services not only provides remote system connectivity and application sharing for users but also provides remote administration of servers. Installing Terminal Services, however, requires thought and attention to security, or you could open a large security hole in your network.
If you install Terminal Services, you must consider several important security matters. (For information about installing Terminal Services, see Robert McIntosh’s Windows 2000 Magazine Network article, "Using Terminal Services for Administration," http://www.win2000mag.com, InstantDoc ID 15813.) First think about how you want to use the service. If you plan to use it only for remote administration, the main security precaution to take is to disable terminal access for accounts that aren’t going to connect for remote administration. Also consider creating a decoy Administrator account to deflect attackers’ attention from the real Administrator account: Rename the original Administrator account, and give it a strong password (all accounts should have strong passwords, but for accounts that have access to the terminal server, this precaution is especially important). Then create a new fake Administrator account (with "administrator" as its name) with no access. . . .
)
Anonymous User October 22, 2004 (Article Rating: