On Tue, 13 Mar 2001, James ''Wez'' Weatherall wrote:
> > Consider the following scenario:
> >
> > A tech support worker, behind a corporate firewall, accesses a user's PC
> > which is behind another corporate firewall. These firewalls are pretty
> > tight, and the only way the tech support worker has access to the user's
> > machine is through a single, dedicated VNC port or tunnel set up
> > semi-automatically via scripts running on the bastion hosts.
>
> If you're going to only have one protocol available through a firewall, you
> should make it SSH, not VNC. VNC is not only too special-purpose to be the
> single protoccol available, it's also not any more secure than telnet, for
> example and should therefore be tunnelled over SSH wherever possible.
Hear, hear, I think if a VNC port is open through the firewall to the
Internet someone should be very fired, tarred (not with the typical UN*X
command), feathered, dragged across town, and exhibited for public
ridicule.
Besides, there already is free software that gives one complete control
over a Windows box. I'm surprised I didn't mention it earlier, it's
called BackOrifice. I hear its very simple in use. Here is a link to the
FAQ: http://www.bo2k.com/indexwhatis.html
Tom
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
