On Thu, Nov 23, 2006 at 05:26:06PM -0500, Stephen Yorke wrote: > Most hosting facilities do allow FrontPage and/or FTP access...FrontPage > does allow SSL connections but few people set it up which is sad. FTP > is clear and is probably the most common way to allow access to M$ > Websites and no there is no SSH default connection which I totally > disagree with. > I wonder if someone has studied the incidence of website defacements and tried to corellate that with whether or not clear ftp is used (on MS platforms and non-MS platforms alike). > Remote Administration to an actual server can be done with a Terminal > Server Client (RDP) which is 128-bit encrypted on the login, 40-bit (I > believe but may be 128-bit as well) for the passing of the info/screen > shots but definately not clear. > I'm not sure, but I seem to recall that MS's own implementation of crypto can be weak in some cases. IIRC, PPTP was a good example of this. Their 40-bit PPTP could be cracked in a matter of minutes on a mediocre machine. > Secure Administration on the inside can be done with Scripting. Whether > you want to use VBScript or JScript but this is only on the inside > environment and not over the internet. If stuff like this needs to be > done I will setup an SSH server on my M$ Boxes and open the firewall to > allow SSH but assign it to a different port. There are several half > decent free SSH Servers out there for Windows and I like freeSSHd. > I'm not a windows guy, so I am not sure about scripting. Perhaps there is a way as you suggest, but all of the windows admins I personally know are only able to get around in the GUI. The concept of scripting anything is foreign to them. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature