Can a Windows Server 2003 Terminal Server Be Bulletproofed?

Explore the intricacies of securing Windows Server 2003 Terminal Server in this comprehensive Black Hat EU 2003 conference talk. Delve into the challenges posed by this complex system and discover new security features implemented in the 2003 version. Learn about schema changes, anonymous log-on issues, and Active Directory permissions. Examine the improvements in application compatibility, enhanced security measures, and Terminal Services connections. Gain insights into user data profiles, NTFS permissions, and Group Policy implementation. Understand the nuances of domain-level policies, loopback processing, and merge mode. Acquire knowledge on configuring password lengths, basic settings, and file system permissions specific to Terminal Services users. Master the art of bulletproofing your Windows Server 2003 Terminal Server environment through this in-depth presentation by Laura Robinson.

Intro
Session Overview
How many are using 2003 Terminal Services
What to do to secure your 2003 Terminal Services
Whats the problem with this behemoth
Whats new in 2003
Security in the development process
Surprises
Schema Changes
Anonymous Log On
Active Directory Permissions
Anonymous Settings
User Info
What hasnt changed
TS Info Utility
What Has Changed
Application Compatibility Permissions
Full Security
Application Compatibility Toolkit
Backward Compatibility
Enhanced Security
Terminal Services Connections
Remote Desktop Users
Terminal Services Licensing
Remote Admin vs Terminal Services
Anonymous Connections
User Data Profiles
Roaming Profiles
Permissions
NTFS Permissions
Group Policy
Domain Level Policies
Terminal Services
Loopback Processing
Merge Mode
Group Settings
Password Length
Terminal Services Policy
Basic Settings
Secondary logon service
File system permissions
Terminal Services settings
Terminal Services users