[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] helping remote users - what's recommended
 Date:  Mon, 24 Oct 2005 21:17:33 -0400
On 10/24/05, Tom <tomvaldes at comcast dot net> wrote:
> --logmein.com (like gotomypc.com but free)
> reqires the logmein software running on their machine.  I could probably
> have them turn it off and only have it running when I'm going to connect.

this is a good option.  I've used it for this purpose, and for remote
access at certain sites where I didn't have access to the firewall. 
it's probably the most secure of the bunch, regardless of whether or
not you leave the machine connected at all times.  depends on how much
you trust logmein.

> --VNC solution (UltraVNC, TightVNC, etc)
> Use port forwarding to their machine.. They would start VNC server when
> I need to connect and turn it off when I am done.
> If I leave port forwarding always on, but the VNC software is not
> running and therefore their machine is not listening on the port, the
> machine should be safe..correct?

yeah, but I don't like relying on the software for on/off.  Too easy,
especially for somebody that doesn't know what they're doing, to
accidentally leave it on.  It's also not encrypted by default (though
ultravnc does have an encryption plugin that I've used that works

running it on an alternate port would help.

> --Remote Desktop
> Use port forwarding to their machine.  Allows anyone to hit their
> machine since it is always running..  Obviously I would set it for
> password access.

Run it on an alternate port also.  this doesn't allow them to see what
you're doing though, so it's probably the worst of the mentioned

If you use Windows too, the thing I use most to help people in this
type of situation is the remote assistance built into MSN Messenger.