RE: VNC

["Spencer D'oro" <sbdoro () attbi com>]

As an IT "out-source" Contractor, I sometimes find it necessary to set up
remote capabilities, for those clients who aren't easily accesible in a
convenient time frame.  I use a program called Remote Administrator
(RAdmin).  I like this app because it can be set with access by password or
authentication through Windows NT/2000 security (which I find to be very
important).  The service is easily configurable (port, connect through
host).  It uses 128-bit security and has an IP-filter option.  It has
several different modes of connectivity (full control, file transfer,
command-line interface, etc).  So I don't sound like a rep for the company,
let me list some weaknesses.  Works only on Windows and you must use Dial-Up
networking to establish a connection if you want to use it with a modem.
Also, you can only use one of the remote-control features per connection at
a time.  Other than that I have found the app very satisfactory.

Spencer


-----Original Message-----
From: Trevor Cushen [mailto:Trevor.Cushen () sysnet ie]
Sent: Friday, January 31, 2003 9:19 AM
To: security-basics () securityfocus com
Subject: RE: VNC


Further Chris Berrys suggestion is the use of stunnel or tightvnc

www.tightvnc.com
www.stunnel.org

Hope this helps

Trevor Cushen
Sysnet Ltd

www.sysnet.ie
Tel: +353 1 2983000
Fax: +353 1 2960499



-----Original Message-----
From: Chris Berry [mailto:compjma () hotmail com]
Sent: 30 January 2003 01:46
To: security-basics () securityfocus com
Subject: Re: VNC


> From: Marty <marti () videotron ca>
> I remember inquiring last year about VNC as a network remote control
> solution. Sincere thanks to all those that answered. We stopped the VNC

> implementation after reading about all the risks related to the
> product. Our tech people are coming back and charging... again.
> My question is simple is the latest version of VNC better than the
> previous ones and should we allow our tech group to use it to take
> control of our machines (servers and workstations)...

VNC is great, but doesn't have built in encryption, however you can pipe
it
through ssh and if you're real paranoid run that through a vpn, then
everything is kosher.  See their homepage for ssh instructions.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"For Sys Admins paranoia isn't a mental health problem, its a marketable
job
skill."

_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus



****************************************************************************
**********

This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.

If you have received this message in error please notify SYSNET Ltd., at
telephone no: +353-1-2983000 or postmaster () sysnet ie

****************************************************************************
**********

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.445 / Virus Database: 250 - Release Date: 1/21/2003

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.445 / Virus Database: 250 - Release Date: 1/21/2003