On Thu, 2004-10-21 at 17:18, Thom G Gillis wrote: > Hi Wez > > I am sending this directly ( and copying not to the forum ) - hope > that's OK since I > perceived that you may be able to give me some quick/easy references > where I can find the information I need. > > I am the system admin and GIS admin for a section of a provincial > govt. dept running > a SUN server as a File and App server and accessing it from PC-Windows > desktops. > I was experimenting with using VNC for accessing the SUN Server from > win2k desktops > ( we had been using Hummingbird Exceed ). > Since we were not using most of the other tools available in the > Hummingbird package > I decided to investigate VNC. > > The first advantage which was immediately obvious ( aside from cost ) > was that the > session was run on the server instead of the desktop so that a desktop > failure ( for whatever reason ) did not end the session and destroy > work in > progress. Second benefit was that we were able to create more than one > session > ( eg as different users ) and access them sequentially on the desktop. > > > Our Corporate IT group deemed that the security risks were too great > and we were told > to remove the software and go back to the old approach. > > That I did but since then I have been browsing the forum mailings even > though we are no longer using > VNC to get a better idea of what the actual security issues really > are. Didn't notice anything which > seemed to match our situation but there were a lot to read through. > > We were using the service internally only - behind a firewall ( or > two ) on a LAN consisting of > many PCs and several windows servers - as well as a few UNIX boxes > serving up data and apps for > sections employing GIS. > > I thought that security should be pretty easily established in such a > situation ( I have not been > heavily involved in that side of things ) - but the people in charge > said that making the setup secure > was complicated and expensive (requiring much tweaking by our ISP at > the > I am a little dubious of their claims and would like to find some > good documentaion on procedures > to make such a setup viable. > > Can you refer me to some discussion papers or publications ( paper, > electronic or Web based ) which would benefit me in > my quest > > regards > > Thom Gillis
Thom, I'm a little confused here... 1) Which insecurities of VNC did your IT management complain about. It's insecurities are similar to the X-Windows (eXceed) protocol? That is why we use SSH to tunnel X-Windows (just like the suggestion to tunnel vnc via SSH, given else where) 2) Where does the ISP come in? You state that the usage is only internally behind a firewall (or 2), so I fail to see how your ISP got involved. I would expect them to have a word only if you want access from outside the firewalls.... Jerry > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
