Re: pcAnywhere question

[Travis Foley <travis.foley () gmail com>]

They'll tunnel it over SSH, not SSL... a MUST if you're going to use
any implementation of VNC.

Good idea on the dial in, may wanna configure for call back security
at a minimum though and make sure you cannot dial out from the
server... that would be a big sec risk, basically would circumvent
your local network security.


On Mon, 29 Nov 2004 23:11:34 -0500, Greg Robinson
<greg.robinson () maxsyscomputers com> wrote:
> Ivan,
>
> Have you considered using a dial-up connection into your server?  I know
> that it is a little slow, but it's much more secure and will allow you
> access in the event that the internet connection is lost.  I work for a
> large Fortune 500 company, and our shipping servers are remotely
> administered by the parcel company's tech staff with no problems.  If you
> needed to, you could then enable a network VNC-type connection.
>
> I'd research gotomypc.com as well.  I believe they tunnel everything over
> SSL, giving you nearly full functionality remotely.
>
> Just some thoughts!
> Greg Robinson, CCNA
> MaxSys Computers
>
>
>
> -----Original Message-----
> From: Ivan C [mailto:incman () hotmail com]
> Sent: 29 November 2004 00:05
> To: security-basics () securityfocus com
> Subject: pcAnywhere question
>
> Hi All,
> Looking at deploying pcAnywhere on the internet facing interface of a windoz
>
> 2000 server for remote management and would like any feed back as to:
>
> - the vulnerabilities of the pcanywhere application
> - can the login be brute forced
>
> any other feedback is appreciated
>
> Thanks
> Henry
>
> _________________________________________________________________
> Click here for the latest chart ringtones:
> http://ringtones.com.au/ninemsn/control?page=/ninemsn/main.jsp