Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: maillists (maillistsnetsult.com)
Date: Fri Mar 15 2002 - 11:19:40 CST
How about given him Terminal Services access, and creating a new domain
for the server he is allowed into. Then create a one-way trust from
your primary domain so that you have access to the box, but he can't see
the rest of the primary domain?
> -----Original Message-----
> From: Varga Daniel (QI/RZS4) * [mailto:Daniel.Vargade.bosch.com]
> Sent: Friday, March 15, 2002 5:18 AM
> To: 'focus-mssecurityfocus.com'
> Subject: limited remote access to a W2K Server
> Hi all,
> my company wants to give remote access (NetMeeting, WTS,
> whatever) for some external developers to some of our W2K
> Servers. He should be able to dial in, connect to the server
> and administer it. He should not be able to contact other
> servers on our LAN in any way.
> On the dial-in router I can set up an ACL so he can only
> reach the server he is allowed to. But once he is on this
> server via NetMeeting on WTS, he can of course try to connect
> to all other servers on my LAN.
> What can I do? Any ideas?