Re: RealVNC / Windows 2000 Security

[Lee Seidman <lseidman () yahoo com>]

Your situation is probably more complex than my
understanding, but couldn't you just make an image of
the machine when it was clean and after your client is
done, just re-image it to the point before it was
used?

--- Adam Kane <kane () linkitsoftware com> wrote:

> My software company currently uses two specific
> machines
> (both running Windows 2000 Pro) as "VNC" machines.
> The purpose for these machines is to display two of
> our software 
> products, and allow remote login to
>
> the computers for potential clients (very few ask)
> to test out the
> program, rather than us creating a 30-day trail type
> of setup.
>
> The problem I'm running into is correctly securing
> these machines.
> I've set it up (realvnc) so it's using encryption,
> and created very
> strong passwords, along with running on a different
> port specified by
> me, rather than the default port, but it always
> seems to fail, as I
> come in sometimes and find stuff wrong with them,
> like ad ware, or a
> message box pop up from netsend, etc.
>
> I have also gone as far as editing the registry for
> the specific user
> that we set up to run the RealVNC Server - the user
> is called Client.
> We made changes to the explorer policies so that the
> desktop would not
> show, along with disabling Internet explorer, and a
> few other things I
> found from a registry hack website.. but that hasn't
> seemed to help
> either.
>
> The problem is that we need these VNC machines in
> order to show
> clients our software, but we don't want to have to
> keep re-formatting
> every week to ensure they are clean.
>
> Any suggestions on how to keep these machines secure
> and accessible to
> our potential clients, and keeping these machines
> away from any other
> networked computers is appreciated.  Thanks.
>
> -- Regards, Adam Kane