Re: pcAnywhere question
From: Michael Puchol (mpuchol_at_sonar-security.com)
Date: 12/02/04
- Previous message: Ghaith Nasrawi: "Re:changing routers and switchs passwords remotely"
- In reply to: Stephane Auger: "RE: pcAnywhere question"
- Next in thread: NoSpam: "vnc through ssh for windows"
- Reply: NoSpam: "vnc through ssh for windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Thu, 2 Dec 2004 23:57:25 +0100
Hi,
Just make sure you are talking about the Enterprise version of RealVNC,
which does have AES, and authentication of server and viewer. The standard
VNC protocol is non-encrypted, and the password security is laughable. In
TightVNC implementations you type a password over 8 characters at the server
configuration, and you are nicely reminded that only the first 8 characters
will be used anyway.
I run TightVNC over SSH2, which benefits from the extra compression the
tunnel provides. I use strong auth at the SSH2 stage, with other filtering
added at lower layers, so it's pretty safe that way.
Best regards,
Mike
----- Original Message -----
From: "Stephane Auger" <stephaneauger@pre2post.com>
To: "Brian Bemis" <brian_bemis@hotmail.com>;
<security-basics@securityfocus.com>
Sent: Wednesday, December 01, 2004 8:46 PM
Subject: RE: pcAnywhere question
Hi,
I'm using Remote Desktop to manage my Windows XP clients and Windows
2000/2003 servers. It runs pretty good, but we have VPNs set up for
when we connect. The encryption in Terminal Services, in my opinion, is
good but a VPN's always the best solution, and adds almost no overhead.
A second nice solution is VNC (www.realvnc.com), which projects the
desktop as if you were locally connected, unlike Terminal Services which
is a remote session. I usually have both enabled. That way, I used
remote desktop, and if I need to do something "locally", or TS crashes,
VNC's available as a backdoor. VNC also has encryption and password
protection.
Stephane Auger
-----Original Message-----
From: Brian Bemis [mailto:brian_bemis@hotmail.com]
Sent: December 1, 2004 12:58 PM
To: 'Shawn Wall'; 'Ivan C'
Cc: security-basics@securityfocus.com
Subject: RE: pcAnywhere question
To add on to (or branch off from) this question, does anyone have any
experience with WindowsXP Remote Desktop? Any specific security concerns
with this built-in software? I've read that you can increase the
encryption to 128-bit, but by just doing this is it sufficient enough or
is a VPN also necessary in this situation?
Brian
-----Original Message-----
From: Shawn Wall [mailto:sjwall@shaw.ca]
Sent: Monday, November 29, 2004 10:04 PM
To: 'Ivan C'
Cc: security-basics@securityfocus.com
Subject: RE: pcAnywhere question
If you must use PCAnywhere, use it through a VPN. MS W2K has native
support for PPTP.
shawn
-----Original Message-----
From: Ivan C [mailto:incman@hotmail.com]
Sent: Sunday, November 28, 2004 5:05 PM
To: security-basics@securityfocus.com
Subject: pcAnywhere question
Hi All,
Looking at deploying pcAnywhere on the internet facing interface of a
windoz 2000 server for remote management and would like any feed back as
to:
- the vulnerabilities of the pcanywhere application
- can the login be brute forced
any other feedback is appreciated
Thanks
Henry
_________________________________________________________________
Click here for the latest chart ringtones:
http://ringtones.com.au/ninemsn/control?page=/ninemsn/main.jsp
- Previous message: Ghaith Nasrawi: "Re:changing routers and switchs passwords remotely"
- In reply to: Stephane Auger: "RE: pcAnywhere question"
- Next in thread: NoSpam: "vnc through ssh for windows"
- Reply: NoSpam: "vnc through ssh for windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
