authentication between servers over the internet?

Discussion in 'Server Security' started by Sean G., Sep 9, 2004.

  1. Sean G.

    Sean G. Guest

    Howdy,

    I have two servers at separate locations--both in the same domain, one a
    domain controller.

    What connection do I need for someone logging in to server A to be
    authenticated by domain controller B? Can this be done over the internet,
    or do I need a WAN-type connection (VNC, PPTP, VPN) ?


    Thanks,



    Sean G.
     
    Sean G., Sep 9, 2004
    #1
    1. Advertisements

  2. Sean G.

    Miha Pihler Guest

    Hi Sean,

    While you could do authentication over internet, this is not recommended.
    You would put your network and data between one office and the other at
    risk.

    Best thing you can do is use VPN between the offices (either PPTP or L2TP).

    Here are some aditional information about VPNs.

    Remote access/VPN server role: Configuring a remote access/VPN server
    http://www.microsoft.com/resources/...3/standard/proddocs/en-us/vpn_server_role.asp

    Mike
     
    Miha Pihler, Sep 9, 2004
    #2
    1. Advertisements

  3. Sean G.

    Sean G. Guest

    Sean G., Sep 9, 2004
    #3
  4. Sean G.

    Miha Pihler Guest

    Hi Sean,

    If he was my boss I would give him a paper to sign where he takes over all
    responsibilities. After all it was his idea. :)

    Seriously, if you go unprotected over internet you are putting security of
    your network to high risk. It is quite easy for person with enough knowledge
    to sniff out e.g. password hashes that are send between servers, not to
    mention all other data (e.g. work related documents, ...)

    Mike
     
    Miha Pihler, Sep 9, 2004
    #4
  5. Sean G.

    Robert Moir Guest

    Your boss is an idiot if he thinks that spending all your time fighting
    hackers (which is the ultimate result of his approach) is simpler than
    setting up a VPN.
     
    Robert Moir, Sep 11, 2004
    #5
  6. Not to mention a lot of ISP's seem to be filtering file and print
    sharing/netbios ports over their routers which is fine with me. --- Steve
     
    Steven Umbach, Sep 12, 2004
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.