mailing list archives
Re: pcAnywhere question
From: Travis Foley <travis.foley () gmail com>
Date: Wed, 1 Dec 2004 13:10:33 -0600
They'll tunnel it over SSH, not SSL... a MUST if you're going to use
any implementation of VNC.
Good idea on the dial in, may wanna configure for call back security
at a minimum though and make sure you cannot dial out from the
server... that would be a big sec risk, basically would circumvent
your local network security.
On Mon, 29 Nov 2004 23:11:34 -0500, Greg Robinson
<greg.robinson () maxsyscomputers com> wrote:
Have you considered using a dial-up connection into your server? I know
that it is a little slow, but it's much more secure and will allow you
access in the event that the internet connection is lost. I work for a
large Fortune 500 company, and our shipping servers are remotely
administered by the parcel company's tech staff with no problems. If you
needed to, you could then enable a network VNC-type connection.
I'd research gotomypc.com as well. I believe they tunnel everything over
SSL, giving you nearly full functionality remotely.
Just some thoughts!
Greg Robinson, CCNA
From: Ivan C [mailto:incman () hotmail com]
Sent: 29 November 2004 00:05
To: security-basics () securityfocus com
Subject: pcAnywhere question
Looking at deploying pcAnywhere on the internet facing interface of a windoz
2000 server for remote management and would like any feed back as to:
- the vulnerabilities of the pcanywhere application
- can the login be brute forced
any other feedback is appreciated
Click here for the latest chart ringtones: