Terminal Services and Win2K Security

How secure is Win2K's terminal services? Is there a list of know exploits? I have a potential client who is running Terminal Services on a Win2K machine. This machine contains an SQL server which has sensitive personal information that is collected via their web site.

(The client happens to be a non-profit organization for whom I volunteer my services; only recently have they asked me to help with their security issues.)

Recently, they were hacked but unfortunately, they did not have proper monitoring software or logging in place to determine how the breech occured.

I've made the following recommendations:

Reinstall the system software as the level of security breech cannot be determined.

Isolate the SQL and Web Server on two different machines.

Seperate firewalls for the SQL server and the Web Server. The Web Server should be highly isolated with only web server related protocols available to the outside world.

The SQL server should only allow connections from the internal network and the web server. Use of IPsec internally may be appropriate if their internal network cannot be properly isolated from the WAN.

Install Tripwire or equivalent monitoring software.

Conduct monthly security audits.

(I primarilly work on linux servers and am much more familar with linux security than win2k, so any help is appreciated).

 

 

 

 

Top