[windows2000] Re: Remote Assistance/Desktop
- From: "Daniel Ensor" <densor@xxxxxxxxx>
- To: <windows2000@xxxxxxxxxxxxx>
- Date: Wed, 9 Nov 2005 15:31:29 -0000
Thank god, well I know hard outside soft inside isn't a good model these
days but there is always a trade off between functionality and security.
We run IPSEC internally and all thin clients are running 128bit, I have
a script which checks all the logs for vnc service events daily
(something gencontrol always creates) you also have to have admin rights
(yes I know you can obtain these but...) so if you're all good there
then I would open that port... it depends how much you need to be able
to do it I guess...
The way I see it is if any hacker is getting in and is worth their salt
the last thing they're going to do is run a VNC session onto a users
machine, the intrusion would be detected by admins reasonably quickly so
where's the fun in that. Far better to sit on your routers and misdirect
packets, hide exploits on your HP printers flash memory and run jack the
ripper on your accounts and log in legitimately... but maybe they would
log onto a users XP box and change the background on the desktop ;)
________________________________
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Dogers
Sent: 09 November 2005 15:16
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Remote Assistance/Desktop
God no, not the company firewall!
I mean XP's :)
We have it enabled by default as a CYA if any accidents happen ;)
Andrew
On 09/11/05, Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx> wrote:
Dogers <> scribbled on Wednesday, November 09, 2005 3:44 PM:
I know what you mean...
Anyway, I wouldn't unblock the VNC ports in the company firewall
if I
were you, and that's what you mean?
VNC is well-known to crackers and hackers... Granted, you can
lock it
down using white-lists and stuff, but I'd still rather see a way
to
initiate a mail-remote-desktop-session and yadda, yadda, yadda,
using an
already built-in program. I really with Microsoft could point
its wand
over the rdp-clients and do some magic. 8-/
> Yeah, I remember you asking, was hoping we had found an
answer! Guess
not,
> bah!
>
> Whats annoyed me is just now we tried doing one WITH an invite
and it
kept
> wanting to kick the user off anyway!
>
> Will have to get VNC unblocked on the firewall I guess :(
>
> Andrew
>
>
> On 09/11/05, Sorin Srbu < sorin.srbu@xxxxxxxxxxxxx
<mailto:sorin.srbu@xxxxxxxxxxxxx> > wrote:
> Dogers <> scribbled on Wednesday, November 09, 2005 3:38 PM:
>
> I asked the same thing a while back, but didn't really come
any
> conclusion. Anyway, I'd like to do this too.
>
>> Anyone know if theres a way to connect to an XP machines
console
session,
>> without logging off the current user? I know the user can
send an
invite
>> and ask you to connect, but is there a way to connect without
the
user
>> sending the initial invite?
*****************************
New Site from The Kenzig Group!
Windows Vista Links, list options
and info are available at:
http://www.VistaPop.com
*****************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Visit the new FDL web - site designed to serve you better-
http://www.fdl.co.uk This message has been sent from Fuerst Day Lawson Ltd
and confirms that the email has been scanned and to the best of our
knowledge is free from virus infection. The unauthorised use, disclosure,
forwarding or copying of this message and any attachments is strictly
prohibited. If you have received this message in error, please email
moderator@xxxxxxxxx This message and any attachments, which are confidential
and may be privileged, are for the use of the addressee(s) only. The views
and opinions expressed in this email message are the author's own and may
not reflect the views and opinions of Fuerst Day Lawson Ltd.
Other related posts:
