On Tue, 27 Sep 2005, stan wrote:

> I find myself in the position sometimes when away from home having access
> to only M$ machines with a base OS load only.
>
There is really no way to trust a MS machine you don't have control over,
.. even *thinking* you can is asking for trouble.

With hundreds (or thousands) of trojans & key loggers there's just no way
you could feel safe.

> I don't have telnet open on my home network, but I was considering opening
> it up on the OpenBSD firewall, and using some sort of one time password
> scheme.
>
The **ONLY** way to access your remote machine 'sanely' is via ssh, .. but
many public access points block anything except 80 & 443; you *could*
redirect incoming so you could use 443, however.

As an option, consider Webmin - it operates via an ssh port, .. offers
GUI control over the entire machine and even an ssh Java client. You can
also configure users with different 'privileges', so your 'on the road'
user could only access specific functions.

> Would this be a sane thing to do? And if so, where could I find some software
> to support the one time password functionality?
>
OTPs are best used with a remote 'dongle' to generate time-synchronized
keyphrases, which would provide some level of security and not allow
keystroke loggers to gain any benefit (except capturing whatever you're
typing during the session).

The best solution is to take your laptop (or Zaurus) and find a cafe with
WiFi. (In the states Panera (St. Louis Bread Company) provides free WiFi
with NO ports blocked.)

        Lee

================================================
  Leland V. Lammert            [EMAIL PROTECTED]
    Chief Scientist     Omnitec Corporation
 Network/Internet Consultants   www.omnitec.net
================================================
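
An added example, not part of the original message: a minimal time-synchronized OTP generator and single-use verifier, showing why a code captured by a keystroke logger is of no use afterwards. It assumes RFC 6238 TOTP (HMAC-SHA1, 30-second step) as the scheme, which the message does not name; `totp`, `Verifier` and the secret are hypothetical names and constructed values.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each code is valid for (assumed: the RFC 6238 default)


def totp(secret: bytes, now: int, digits: int = 6) -> str:
    """Code the 'dongle' displays for the time window containing `now`."""
    counter = struct.pack(">Q", now // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Verifier:
    """Server side: tolerates clock drift but accepts each window only once."""

    def __init__(self, secret: bytes, drift: int = 1):
        self.secret = secret
        self.drift = drift      # windows accepted either side of 'now'
        self.last_used = -1     # highest window already consumed

    def check(self, code: str, now: int) -> bool:
        current = now // STEP
        for window in range(current - self.drift, current + self.drift + 1):
            if window <= self.last_used:
                continue  # consumed already: a logged code cannot be replayed
            expected = totp(self.secret, window * STEP)
            if hmac.compare_digest(expected, code):
                self.last_used = window
                return True
        return False


if __name__ == "__main__":
    secret = b"12345678901234567890"  # constructed sample secret (RFC test key)
    server = Verifier(secret)
    typed = totp(secret, 59)          # what a keylogger would capture
    print("login:", server.check(typed, 59))
    print("replay one second later:", server.check(typed, 60))
    print("next window's code:", server.check(totp(secret, 90), 90))
```
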
