The key ingredient in the message that Gino referenced is "6.- Local security, group policies, and AV stopped the intruder from accessing any data in the network or system." Here is my suggestion: You are using non-routable IPs, good - keep it that way. Since you mention VPN I am assuming that this would be an option. Give the user in question VPN access, once they are VPN'ed in they can initiate the PCanywhere connection to the PC. Make sure that the PC is locked down and that the user account is explicity allowed access to only that one machine. Set minimum security standards for the user on the other end, AV, firewall, etc... If this person is under your control it should be easy to enforce, if not, all you can do is ask.
Hope this helps. Damien -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, July 22, 2002 4:35 PM To: [EMAIL PROTECTED] Subject: PCanywhere: security of it and operation over DSL/cable modems We have a workstation at the office that needs to allow a user remote access for running software on the workstation. I don't think a VPN will work because the user MUST run the software on this machine, as if he was seated at it. I'm looking at gotomypc.com and pcanywhere. I don't feel comfortable using gotomypc.com as this is proprietary company information and I don't trust someone else having the access information for the workstation that has the info on it. My questions are as follows: 1. Has anyone got experience with the security of PCanywhere running over a DSL/cable modem connection? What should I watch out for? From what I understand, I can use HTTPS as one of the options for the connection. Anyone know the encryption level? Are all parts of the transactions secured with encryption? 2. How does the software work if it's over a broadband connection? My internal IPs aren't valid for routing. How does the software know a connection is being initiated? 3. Any better solutions come to mind? I'd rather have a PITA setup that's secure than a simple one that's not. 4. What security measures should I implement on the users PC to make sure that it's secure as well? I won't have physical access to it but for the initial setup. I'll be interested in seeing if this gets posted at all due to the recent acquisition of securityfocus by Symantec. Can't bite the hand that feeds you, I guess. Many thanks for any help. Long time reader (well, several months at least), first time poster.
