You'll have to have some way for IP to get to the machine in question, so you'll need some sort of VPN. If only one user is using it, and you've got any NT servers in the building, Microsoft's RAS Server/PPTP might be plenty. But, you will need a secure tunnel to get them access to your LAN.
Or, that machine will need a public IP address and to be live on the 'net. My suggestion would be a VPN. You could have them dial direct in to a modem if you didn't mind it being slow. Seems a waste when they have broadband. Then, you'll need remote access software. My experience with PCAnywhere is slightly dated and then extremely outdated, so they may have addressed some of these issues but whenever we used PCAnywhere, it made the whole machine unstable, probably because of some of the disturbing things they had to do to make the software work. In a couple of cases, it made the machine unusable, and we had to reinstall the OS. Again, they may have addressed this. We are using a product called DameWare here, which includes a very nice remote control suite, and some other nice management tools. I don't know how much it costs, but I expect it's not cheap. Enterprise software rarely is. One free option you might consider is using VNC. VNC is not secure, so you'd have to tunnel it over SSH. It would then be encrypted on the wire, and should be pretty secure. I've got a free ssh server running here, and VNC is free, and there are at least a couple of free SSH clients, so this is a solution you could cobble together out of random bits of software on the 'net. The free SSH server is sshd from cygwin. cygwin has an ssh client, and PuTTY is free and tunnels sockets very nicely. VNC itself is free, and has clients for pretty much every platform. Hope that helps, and good luck. Having remote access to a machine can be a very powerful, and useful tool. Lou Erickson IT Tools Developer Ariba, Inc. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 22, 2002 1:35 PM > To: [EMAIL PROTECTED] > Subject: PCanywhere: security of it and operation over > DSL/cable modems > > > We have a workstation at the office that needs to allow a user remote > access for running software on the workstation. I don't > think a VPN will > work because the user MUST run the software on this machine, > as if he was > seated at it. I'm looking at gotomypc.com and pcanywhere. I > don't feel > comfortable using gotomypc.com as this is proprietary company > information > and I don't trust someone else having the access information for the > workstation that has the info on it. > > My questions are as follows: > 1. Has anyone got experience with the security of PCanywhere > running over > a DSL/cable modem connection? What should I watch out for? > From what I > understand, I can use HTTPS as one of the options for the > connection. Anyone know the encryption level? Are all parts of the > transactions secured with encryption? > 2. How does the software work if it's over a broadband > connection? My > internal IPs aren't valid for routing. How does the software know a > connection is being initiated? > 3. Any better solutions come to mind? I'd rather have a > PITA setup that's > secure than a simple one that's not. > 4. What security measures should I implement on the users PC > to make sure > that it's secure as well? I won't have physical access to it > but for the > initial setup. > > I'll be interested in seeing if this gets posted at all due > to the recent > acquisition of securityfocus by Symantec. Can't bite the > hand that feeds > you, I guess. > > Many thanks for any help. Long time reader (well, several months at > least), first time poster. > >
