For 6-8 months I think I would leave PCAnywhere in place,
not worth the testing and deployment work. I would ask the security guys to list
what specifically they are concerned about and put compensating controls into
place.
I would also go further and disable the services (or set
them to
Same here. We got an enterprise license
for under 5K…
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ
Sent: Thursday, February 19, 2004
9:22 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] OT - VNC
/ Remote Administration
VNC
Each
of the 3rd party remote tools has it's advantages and disadvantages. I
have used in my lifecycle pc-anywhere, vnc, dameware, timbuktu, and remote
admin. If you search for "Application-name exploits" each google search
will turn up an amazing amount of exploitable features for each cli
Title: Message
Much
as I like VNC, your security guy is smoking crack.
VNC is
more resource intensive. If you put it on a slow server (<400MHz) it will be
very sluggish unless you disable compression.
VNC
pretty much sucks over dialup (even with compression).
VNC
uses one fixed password
Title: Message
I
agree with your security person.
We
use DameWare Mini Remote Control for downlevel systems management. Its got a
very nice client install process.
Roger
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Admin
The straight version of VNC is less secure than PCAnywhere
(sends passwords in clear text format). You'll want to look at a secure
version that uses Windows authentication. UltraVNC offers
this:
http://ultravnc.sourceforge.net/
And, UltraVNC tends to be the fastest implementation out
t
VNC is decent for the price, but we felt it was better to
have a product that logs who's logging in and gives more security control.
We went with Remote Admin 2.1 instead, and it is cheap and works
well.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Frank
AbagnaleSent: T
