Keep it simple. Just use your firewall to allow RDP (or, I suspect in
your case, a VNC derivative) only to your work address.
------ Original Message ------
From: "Rob Gibson" <nosbig@xxxxxxxxx>
To: "ncolug@xxxxxxxxxxxxx" <ncolug@xxxxxxxxxxxxx>
Sent: 4/8/2017 1:08:56 PM
Subject: [ncolug] VPN Preference
All,
I am looking to beef up my game for security, and I am curious as to the
thoughts of others more knowledgeable than I regarding remote connectivity.
I have two major methods by which I could connect back to my home network:
* SSH
* VPN
I am using SSH, and I am working to harden that such that I reduce my
attack surface. Clearly, moving to a certificate-based SSH experience
with ssh-agent would provide the best of all worlds, especially if I
consider hacking on TOTP two-factor authentication.
I would also consider using VPN, especially if Jen needed to connect as
once the VPN is set up, it is much easier to enable and disable (from a
smartphone, for example).
Would you use:
* OCServ (Cisco AnyConnect-compatible SSL VPN Server)
* OpenVPN Server
* Classic IPSec VPN in a client mode
Of those choices, why or why wouldn't you use any of those particular
options?
Thanks in advance,
Rob
To unsubscribe send to ncolug-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field.
