Security Basics mailing list archives
RE: pcAnywhere question
From: "Eric McCarty" <eric () piteduncan com>
Date: Thu, 2 Dec 2004 10:20:42 -0800
If you must put pcAnywhere on a non-firewalled interface I highly suggest using the built in PcAnywhere encryption as well as ensuring you are using the latest version with any/all patches. However on a side note, why would u do this?. I would suggest you firewall the connection, setup NAT/a PcAnywhere rule to allow this traffic and let that be that, implement a VPN for additional protection if need be. I honestly can't think of any reason a computer would be connected directly to the internet without the protection of a firewall or at least a NAT-capable Router. Eric P.S. I also highly recommend GoToMyPc, It uses a password to get to the site and a password for each PC and the monthly fee is cheap. Plus it uses Citrix-like technology so it works well even on low-speed connections. -----Original Message----- From: Travis Foley [mailto:travis.foley () gmail com] Sent: Wednesday, December 01, 2004 11:11 AM To: Greg Robinson Cc: security-basics () securityfocus com Subject: Re: pcAnywhere question They'll tunnel it over SSH, not SSL... a MUST if you're going to use any implementation of VNC. Good idea on the dial in, may wanna configure for call back security at a minimum though and make sure you cannot dial out from the server... that would be a big sec risk, basically would circumvent your local network security. On Mon, 29 Nov 2004 23:11:34 -0500, Greg Robinson <greg.robinson () maxsyscomputers com> wrote:
Ivan, Have you considered using a dial-up connection into your server? I know that it is a little slow, but it's much more secure and will allow you access in the event that the internet connection is lost. I
work for a large Fortune 500 company, and our shipping servers are remotely administered by the parcel company's tech staff with no problems. If you needed to, you could then enable a network VNC-type
connection.
I'd research gotomypc.com as well. I believe they tunnel everything over SSL, giving you nearly full functionality remotely. Just some thoughts! Greg Robinson, CCNA MaxSys Computers -----Original Message----- From: Ivan C [mailto:incman () hotmail com] Sent: 29 November 2004 00:05 To: security-basics () securityfocus com Subject: pcAnywhere question Hi All, Looking at deploying pcAnywhere on the internet facing interface of a windoz 2000 server for remote management and would like any feed back as to: - the vulnerabilities of the pcanywhere application - can the login be brute forced any other feedback is appreciated Thanks Henry _________________________________________________________________ Click here for the latest chart ringtones: http://ringtones.com.au/ninemsn/control?page=/ninemsn/main.jsp
Current thread:
- RE: pcAnywhere question Brian Bemis (Dec 01)
- <Possible follow-ups>
- RE: pcAnywhere question Trevor Cushen (Dec 01)
- Re: pcAnywhere question Travis Foley (Dec 02)
- RE: pcAnywhere question Stephane Auger (Dec 02)
- Re: pcAnywhere question Michael Puchol (Dec 03)
- vnc through ssh for windows NoSpam (Dec 06)
- Re: vnc through ssh for windows Michael Puchol (Dec 07)
- Re: vnc through ssh for windows SMiller (Dec 10)
- Re: pcAnywhere question Michael Puchol (Dec 03)
- RE: pcAnywhere question Eric McCarty (Dec 02)