Re: IPCop vs Smoothwall and VNC over SSH

[Douglas Duckworth <stlpcsecurity () gmail com>]

Thanks to all for the advice.  There will be roving clients, so, I
think I will try OpenVPN first.

Regards,
Doug

On 8/22/05, security () surefoot com <security () surefoot com> wrote:
> On Wednesday 17 August 2005 07:50, Douglas Duckworth <DD> wrote:
> > Hello everyone!
> >
> > I am working with a client, who is looking to enable remote access/VPN
> > into the network.  The company is rapidly expanding, and my concern is
> > security when considering VNC.  I have decided to replace the existing
> > Linksys NAT/Firewall Router with a linux based solution, either IPCop,
> > or Smoothwall.  I think I will go with IPCop, becasue I have read the
> > support is better, is this the best solution?  Secondly, would VNC
> > over SSH really be the best option for remote access?  I have used VNC
> > before, but never over the Internet;  I use SSH 2 frequently, and I am
> > aware of its security, however, is this really the best solution?
> >
> > I am referencing:
> > http://martybugs.net/smoothwall/puttyvnc.cgi
> >
> > Which states that, due to forwarding, VNC ports will not be accessible
> > from the Internet, a great relief.
> >
> > Can anyone recommend better third party software which would be cost
> > effective?  We are choosing VNC over SSH also because of its open
> > source nature.
>
> VNC over SSH is viable, I use it pretty often. It has one major advantage: you
> only give access to the ports needed. If the remote machine is infected with
> a virus the chances of infecting the corporate network are greatly reduced if
> you stick with SSH as opposed to, say, PPTP or IPSec.
>
> On the other hand, if there are plans of having people telecommute you might
> want to consider offering IPSec or PPTP.
>
> Jens