RE: Any remote client - without fixed IP

["Bob Beck" <goodfela26 () finneganfamily net>]

If this is a home user and a VPN is out of the question:

To get around the dynamic ip addressing, you can create a dynamic dns
account (http://www.dyndns.org/) for the user and install a dynamic dns
update utility on the remote computer
(http://www.dyndns.org/support/clients/dyndns.html). Then, install your
remote control software (VNC, PCAnywhere, etc.) on the user's computer and
connect to it via the newly created dns account, i.e. homeuser.homeip.net.
This isn't the most secure way to do this, but it does work.

You can also use an ssh server on the client's pc along with a dynamic dns
account to give a more secure connection to the client. To do so, install an
ssh server (http://www.openssh.org or http://sshwindows.sourceforge.net/) on
the client pc and configure it. Then, from the pc that you want to access
the client from, you can use putty
(http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html) or any
other ssh client to create a tunnel to the client while using port fowarding
to connect to the client. For example, you can forward your local port xxxx
to connect to the port running your remote control server on
homeuser.homeip.net. Then, use your remote control client and connect to
localhost:xxxx and it will forward your request to the correct port on the
remote server using the tunnel you created.

I hope that helps.

Bob


-----Mensaje original-----
De: hartmann [mailto:hartmann () thestar com my]
Enviado el: Jueves, 17 de Marzo de 2005 10:19 p.m.
Para: 'Jeff N. Miller'
CC: security-basics () securityfocus com
Asunto: RE: Any remote client - without fixed IP


Thanks Jeff.

VPN was once considered.
But later rejected by team leader,
As said not practical for user to get into our LAN
Because we may not know that what is installed or running in the client.

Adam


-----Original Message-----
From: Jeff N. Miller [mailto:jmiller () prairieknights com]
Sent: Wednesday, March 16, 2005 5:39 AM
To: hartmann
Cc: security-basics () securityfocus com
Subject: RE: Any remote client - without fixed IP

DHCP shouldn't be a problem.  That's what DNS is for.  That said, a VPN is
your best option.  Then you can use VNC, Remote Desktop, etc....after the
user has authenticated to the VPN.


-----Original Message-----
From: hartmann [mailto:hartmann () thestar com my]
Sent: Monday, March 14, 2005 7:46 PM
To: security-basics () securityfocus com
Subject: Any remote client - without fixed IP

Hi,

Is there any software or any way that we could have a remote control over
client(s)
Which does not have fixed IP?
I'm one of my company system administrators, and currently we need to
support remote site clients.
But, the difficult part is that the client have a dynamic IP.
Thus, is there any tools to help?
Even it needs to be launched from the client side.

Thanks.

Adam



/******************************************************************\
This message and any attachment(s) are confidential and may be privileged or
otherwise protected from disclosure. If you are not the intended recipient,
please telephone or e-mail the sender and delete this message and any
attachment from your system. If you are not the intended recipient you must
not copy this message or attachment or disclose the content to any other
person.

Any opinion, view and/or other information in this message and/or any
attachment(s) hereto which do not relate to the official business of Star
Publications (Malaysia) Bhd shall not be deemed given nor endorsed by Star
Publications (Malaysia) Bhd. Our company is not responsible for any activity
that might be considered to be an illegal and/or improper use of email.

E-mail transmissions cannot be guaranteed to be secured or error-free as
information could be intercepted, corrupted, lost, destroyed, delayed,
incomplete or contain viruses. The sender therefore does not accept
liability for any errors or omissions in the contents of this message or for
any virus damage which may arise as a result of this e-mail transmission.
/******************************************************************\

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________




/******************************************************************\
This message and any attachment(s) are confidential and may be privileged or
otherwise protected from disclosure. If you are not the intended recipient,
please telephone or e-mail the sender and delete this message and any
attachment from your system. If you are not the intended recipient you must
not copy this message or attachment or disclose the content to any other
person.

Any opinion, view and/or other information in this message and/or any
attachment(s) hereto which do not relate to the official business of Star
Publications (Malaysia) Bhd shall not be deemed given nor endorsed by Star
Publications (Malaysia) Bhd. Our company is not responsible for any activity
that might be considered to be an illegal and/or improper use of email.

E-mail transmissions cannot be guaranteed to be secured or error-free as
information could be intercepted, corrupted, lost, destroyed, delayed,
incomplete or contain viruses. The sender therefore does not accept
liability for any errors or omissions in the contents of this message or for
any virus damage which may arise as a result of this e-mail transmission.
/******************************************************************\