RE: Any remote client - without fixed IP

From: Bob Beck (goodfela26_at_finneganfamily.net)
Date: 03/22/05

  • Next message: Bruyere, Michel: "RE: basic VPN question" 
    To: <security-basics@securityfocus.com>
Date: Tue, 22 Mar 2005 12:17:32 -0500

    If this is a home user and a VPN is out of the question:

    To get around the dynamic ip addressing, you can create a dynamic dns
    account (http://www.dyndns.org/) for the user and install a dynamic dns
    update utility on the remote computer
    (http://www.dyndns.org/support/clients/dyndns.html). Then, install your
    remote control software (VNC, PCAnywhere, etc.) on the user's computer and
    connect to it via the newly created dns account, i.e. homeuser.homeip.net.
    This isn't the most secure way to do this, but it does work.

    You can also use an ssh server on the client's pc along with a dynamic dns
    account to give a more secure connection to the client. To do so, install an
    ssh server (http://www.openssh.org or http://sshwindows.sourceforge.net/) on
    the client pc and configure it. Then, from the pc that you want to access
    the client from, you can use putty
    (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html) or any
    other ssh client to create a tunnel to the client while using port fowarding
    to connect to the client. For example, you can forward your local port xxxx
    to connect to the port running your remote control server on
    homeuser.homeip.net. Then, use your remote control client and connect to
    localhost:xxxx and it will forward your request to the correct port on the
    remote server using the tunnel you created.

    I hope that helps.

    Bob

    -----Mensaje original-----
    De: hartmann [mailto:hartmann@thestar.com.my]
    Enviado el: Jueves, 17 de Marzo de 2005 10:19 p.m.
    Para: 'Jeff N. Miller'
    CC: security-basics@securityfocus.com
    Asunto: RE: Any remote client - without fixed IP

    Thanks Jeff.

    VPN was once considered.
    But later rejected by team leader,
    As said not practical for user to get into our LAN
    Because we may not know that what is installed or running in the client.

    Adam

    -----Original Message-----
    From: Jeff N. Miller [mailto:jmiller@prairieknights.com]
    Sent: Wednesday, March 16, 2005 5:39 AM
    To: hartmann
    Cc: security-basics@securityfocus.com
    Subject: RE: Any remote client - without fixed IP

    DHCP shouldn't be a problem. That's what DNS is for. That said, a VPN is
    your best option. Then you can use VNC, Remote Desktop, etc....after the
    user has authenticated to the VPN.

    -----Original Message-----
    From: hartmann [mailto:hartmann@thestar.com.my]
    Sent: Monday, March 14, 2005 7:46 PM
    To: security-basics@securityfocus.com
    Subject: Any remote client - without fixed IP

    Hi,

    Is there any software or any way that we could have a remote control over
    client(s)
    Which does not have fixed IP?
    I'm one of my company system administrators, and currently we need to
    support remote site clients.
    But, the difficult part is that the client have a dynamic IP.
    Thus, is there any tools to help?
    Even it needs to be launched from the client side.

    Thanks.

    Adam

    /******************************************************************\
    This message and any attachment(s) are confidential and may be privileged or
    otherwise protected from disclosure. If you are not the intended recipient,
    please telephone or e-mail the sender and delete this message and any
    attachment from your system. If you are not the intended recipient you must
    not copy this message or attachment or disclose the content to any other
    person.

    Any opinion, view and/or other information in this message and/or any
    attachment(s) hereto which do not relate to the official business of Star
    Publications (Malaysia) Bhd shall not be deemed given nor endorsed by Star
    Publications (Malaysia) Bhd. Our company is not responsible for any activity
    that might be considered to be an illegal and/or improper use of email.

    E-mail transmissions cannot be guaranteed to be secured or error-free as
    information could be intercepted, corrupted, lost, destroyed, delayed,
    incomplete or contain viruses. The sender therefore does not accept
    liability for any errors or omissions in the contents of this message or for
    any virus damage which may arise as a result of this e-mail transmission.
    /******************************************************************\

    ______________________________________________________________________
    This email has been scanned by the MessageLabs Email Security System.
    For more information please visit http://www.messagelabs.com/email
    ______________________________________________________________________

    /******************************************************************\
    This message and any attachment(s) are confidential and may be privileged or
    otherwise protected from disclosure. If you are not the intended recipient,
    please telephone or e-mail the sender and delete this message and any
    attachment from your system. If you are not the intended recipient you must
    not copy this message or attachment or disclose the content to any other
    person.

    Any opinion, view and/or other information in this message and/or any
    attachment(s) hereto which do not relate to the official business of Star
    Publications (Malaysia) Bhd shall not be deemed given nor endorsed by Star
    Publications (Malaysia) Bhd. Our company is not responsible for any activity
    that might be considered to be an illegal and/or improper use of email.

    E-mail transmissions cannot be guaranteed to be secured or error-free as
    information could be intercepted, corrupted, lost, destroyed, delayed,
    incomplete or contain viruses. The sender therefore does not accept
    liability for any errors or omissions in the contents of this message or for
    any virus damage which may arise as a result of this e-mail transmission.
    /******************************************************************\

  • Next message: Bruyere, Michel: "RE: basic VPN question"

    Relevant Pages

    • Re: VPN clients unable to connect to other resources.
      ... gateway matches the IP of the remote client, and DNS and WINS point to the ... remote (although it takes close to a minute to connect, ... This is just regular Windows VPN, ... VPN server, remote routing and access running on the SBS 2003 server ...
      (microsoft.public.windows.server.sbs)
    • RE: Remote connectivity problems
      ... do you mean you have added a remote client to SBS ... If you have hardware VPN tunnel setup using Linksys or others, ... In this scenario you have to configure the SBS Server computer to enable ...
      (microsoft.public.windows.server.sbs)
    • Re: VPN clients unable to connect to other resources.
      ... Are you saying that an XP Home PC wouldn't be able to connect to a server share over VPN? ... Can ping the SBS but not the client PCs on the same network. ... gateway matches the IP of the remote client, ...
      (microsoft.public.windows.server.sbs)
    • RE: Connection times to devices behind VPN are extremely slow
      ... I understand that the remote VPN client ... You have to rerun the CEICW to make sure your SBS 2003 server have right ...
      (microsoft.public.windows.server.sbs)
    • Re: TS vs VPN
      ... Using TS, w/o VPN ... The remote client connects to your local TS via Remote Desktop. ... "Foo" accesses the SQL server, which is nearby in a protected part of the network. ...
      (microsoft.public.windows.terminal_services)
    • Quantcast