![]() | ![]() |
|
Welcome to the HEXUS.community discussion forums forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and other features. By joining our free community you will have access to post topics, respond to polls and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! |
| |||||||
Networking and Broadband ADSL, cable, internet and network advice and chat ![]() |
![]() |
| | LinkBack | Thread Tools |
| | #1 (permalink) |
| Team HEXUS.net | VNC - Good idea or bad idea? Right, I want to be able to use my home machine, which is behind a smoothwall (firewall / router) box, so was going to put VNC on there, and then open that port on smoothwall so that it should work, and was thinking of using a complicated password... do you think this is a good idea or a bad idea? should i leave the machine locked so that when i get into vnc i will also need to log onto a local account, as a second level of security? cheers josh Join the HEXUS Folding at Home Team!! ![]() Welcome to HEXUS! - Read this if you're new! hexus trust | joshwaller.co.uk | digicamreview.com | tea review - are you on the Hexus social map? |
| | |
| | #3 (permalink) |
| Team HEXUS.net | got 2000 server running - vpn ? Join the HEXUS Folding at Home Team!! ![]() Welcome to HEXUS! - Read this if you're new! hexus trust | joshwaller.co.uk | digicamreview.com | tea review - are you on the Hexus social map? |
| | |
| | #4 (permalink) |
| Will work for beer... Join Date: Jul 2003 Location: Preston, Lancs
Posts: 5,874
Thanks: 169
Thanked 104 Times in 76 Posts
| I'm with MD on this; I've used VNC for remote server management, but ONLY through a 3DES/MD5 VPN connection. By all means lock the machine, but remember with VNC you might as well be giving anyone who's got that far physical access anyway, so don't rely on locking it for security. |
| | |
| | #6 (permalink) |
| MSFT Join Date: Jul 2003 Location: %systemroot%
Posts: 1,835
Thanks: 11
Thanked 50 Times in 41 Posts
| I would use a VPN to establish authenticated sessions and lock down the IP addresses permitted to connect, if your router supports it, then use Terminal Services as it's built into Windows. Also use a separate account that is permitted to use TS sessions, and does NOT have admin rights. If you need to transfer files over the connection then I guess you're looking at a 3rd-party solution, as I think you're limited to clipboard copying over TS. Not familiar with VNC so couldn't comment on that. ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~ [ Personal Website ] - [ Technet Blog ] Main PC: Win7 x64 / Asus P6T Deluxe / Core i7 920 / 12GB DDR3 / 120GB SSD / GeForce GTX285 Server: W2K8 R2 / Asus P5K Premium / Core2 E6750 / 8GB DDR2 / 150GB, 500GB SATA2 / GeForce 9800GTX HTPC: Win7 x64 / Asus P5E-VM HDMI / Core2 E6850 / 4GB DDR2 / 400GB SATA2 / ATI 3650 Silent |
| | |
| | #7 (permalink) |
| Team HEXUS.net |
also what port(s) would i need to let through the smoothwall firewall? Join the HEXUS Folding at Home Team!! ![]() Welcome to HEXUS! - Read this if you're new! hexus trust | joshwaller.co.uk | digicamreview.com | tea review - are you on the Hexus social map? |
| | |
| | #9 (permalink) |
| Administrator | terminal service can be used in Remote Administration mode with up to 2 concurrent connections. you' may well need to add it in "add/remove windows components" if you are running a PPTP VPN then I think you need to allow port 1723 and protocol 47 thorugh the smoothwall to your server , then set the VPN up on that. |
| | |
| | #11 (permalink) |
| Oh no!I've re-dorkalated! Join Date: Jul 2003 Location: Sunny MK
Posts: 2,307
Thanks: 29
Thanked 22 Times in 21 Posts
|
|
| | |
| | #12 (permalink) |
| bored out of my tiny mind Join Date: Jul 2003 Location: Berkshire
Posts: 3,029
Thanks: 56
Thanked 58 Times in 50 Posts
| If you find setting up a VPN a pain in the arse (and most people do I think) then a (possibly less useful) solution would be to only open up the VNC port(s) to known IP addresses (i.e. if you want to access your home PC from work / uni only let the IP addresses in that you need). |
| | |
![]() |
| Breadcrumb | ||||||
| ||||||
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |