RE: Remote admin

["Scott, Richard" <Richard.Scott () BestBuy com>]

If I was in the same position, I would demand to know what encryption the
product, that I am placing trust in, is using.  Rep and ask them to find
out.
I've heard some stories of pcAnywhere not being so secure, I am sure they
were discussed in this forum before MJR closed it and reopen it.  Try
looking at the archives there.

As for VNC.  It's very versatile allowing the "client" to be set up for
linux/NT.  I also believe this had some security problems, though, I think
there are patches for this product.

Again, Terminal Services had it's quirks, and it's very good, a lot faster
than Remote Desktop, from what I have experienced.  It integrates well with
the w2k security model too.

I would advice looking at Bugtraq and seeing if there have been any recent
exploits published, and then check with the vendor to see if they have been
fixed.

Cheers
r.
Richard Scott   
BestBuy.Com
* Tel: 001-(612)-995-5432
* Fax: 001-(612)-947-2005
* Best Buy World Headquarters
7075 Flying Cloud Drive
Eden Prairie, MN 55344 USA

The views expressed in this email do not represent Best Buy
or any of its subsidiaries.


I'm investigating remote admin solutions for a Win 2K bastion host.

Yes, it has to be 2K, and yes, remote admin is required.

In "Securing Windows NT/2000 Servers" (O'Reilly) Stefan Norburg describes
pcAnywhere, Open source via OSSH/VNC, and Windows Terminal Services.

In our current setup, we're using Timbuktu (www.netopia.com).  Although
Netopia
encrypts text/mouse IO, they don't say what method is used. (at least not in
the FAQ
(http://www.netopia.com/support/faqs/software/tb22000faq.html#encryption)

Anybody have any experience with these, or others?  Can anyone shed more
light
on Timbuktu's security?


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards