Home page logo

basics logo Security Basics mailing list archives

Re: pcAnywhere question
From: Travis Foley <travis.foley () gmail com>
Date: Wed, 1 Dec 2004 13:10:33 -0600

They'll tunnel it over SSH, not SSL... a MUST if you're going to use
any implementation of VNC.

Good idea on the dial in, may wanna configure for call back security
at a minimum though and make sure you cannot dial out from the
server... that would be a big sec risk, basically would circumvent
your local network security.

On Mon, 29 Nov 2004 23:11:34 -0500, Greg Robinson
<greg.robinson () maxsyscomputers com> wrote:

Have you considered using a dial-up connection into your server?  I know
that it is a little slow, but it's much more secure and will allow you
access in the event that the internet connection is lost.  I work for a
large Fortune 500 company, and our shipping servers are remotely
administered by the parcel company's tech staff with no problems.  If you
needed to, you could then enable a network VNC-type connection.

I'd research gotomypc.com as well.  I believe they tunnel everything over
SSL, giving you nearly full functionality remotely.

Just some thoughts!
Greg Robinson, CCNA
MaxSys Computers

-----Original Message-----
From: Ivan C [mailto:incman () hotmail com]
Sent: 29 November 2004 00:05
To: security-basics () securityfocus com
Subject: pcAnywhere question

Hi All,
Looking at deploying pcAnywhere on the internet facing interface of a windoz

2000 server for remote management and would like any feed back as to:

- the vulnerabilities of the pcanywhere application
- can the login be brute forced

any other feedback is appreciated


Click here for the latest chart ringtones:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]