Remote desktop solution that's a bit safer than Remote Desktop?

[MDesigner]

Currently my home computer (XP Pro) has Remote Desktop active, and I run it on a non-standard port so people won't just attempt to connect. Though I'm still a bit uneasy about having that open to the world. Is there a safer solution? Obviously the answer is to CLOSE that port on the router, and use something like Hamachi where the client computer will be on a virtual LAN with my home computer. But if I'm on some other computer that doesn't have Hamachi on it, then what?

Is UltraVNC more secure than RDesktop? Heck, even if RDesktop had the ability to do full logging (which IP connected when and for how long), that would be nice. But it doesn't, so even if someone gained access, I'd never know. I'm assuming UltraVNC has some sort of logging capability.

Any recommendations for a highly secure remoting solution?

 

[mad0maxx]

I heard RealVNC and Hamachi works wonders but if no Hamachi then just RealVNC works wonders... though this is just what I heard. ^_^

 

[MDesigner]

RealVNC vs TightVNC vs UltraVNC.. decisions decisions No clue how any of them differ from each other. But I do know UltraVNC seems to get the most downloads on SourceForge.

 

[lozina]

I was involved in a closed beta for a game and they explicitly banned Hamachi because of some security hole

 

[Homerboy]

you're comparing a bit of apples to oranges here. RDC is much more than just a remote control program.

 

[JonnyBlaze]

Do you plan on upgrading to Vista. I see this in my event viewer. Looks like it has the info you want.

An account was successfully logged on.

Subject:
Security ID: SYSTEM
Account Name: BLAZE$
Account Domain: HOME
Logon ID: 0x3e7

Logon Type: 10

New Logon:
Security ID: Blaze\My User Name
Account Name: My User Name
Account Domain: Blaze
Logon ID: 0x88816c8
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x1f00
Process Name: C:\Windows\System32\winlogon.exe

Network Information:
Workstation Name: BLAZE
Source Network Address: My Works IP
Source Port: 13214



It supports better security also. When I connect out from Vista to XP it warns me the system may not be as secure blah blah..

 

[MDesigner]

Nope, zero plans to go to Vista.

 

[Auric]

I recommend UltraVNC with RC4 encryption. 'tis free, EZ, reliable, secure, sports file transfer and there is a plugin for PE.

 

[stash]

How is VNC going to be any more secure than RDP? You still need to open a port.

RDP also uses RC4 encryption by default. You can also configure mutual authN if you want.

http://technet2.microsoft.com/WindowsSe...86-ac9b-29fd6146977b1033.mspx?mfr=true

 

[MDesigner]

ARC4 or MSRC4? And PE = ?

 

[MDesigner]

RDP is susceptible to MITM attacks.

 

[sourceninja]

We require that you ssh into a ssh server and tunnel to the pc's to use remote desktop. RDP over ssh, very secure.

 

[WobbleWobble]

Originally posted by: sourceninja
We require that you ssh into a ssh server and tunnel to the pc's to use remote desktop. RDP over ssh, very secure.

We do this to get to our servers. Lookup BitVise's WinSSHD and Tunnelier.

 

[stash]

Originally posted by: MDesigner
RDP is susceptible to MITM attacks.

Not if you follow some basic mitigations, such as enabling TLS like I mentioned: http://support.microsoft.com/?id=895433

Or by tunnelling RDP through a properly secured VPN.

Even without these mitigations, a MITM attack would still require a name resolution spoof, such as ARP and/or DNS poisoning. And if you can do that, you can just as easily execute a MITM attack on VNC that isn't doing server auth.

edit: tunning is a new word!

 

[redbeard1]

I think that your first account is still free, with less features than the pay version.

Logmein

 

[jdoggg12]

Gotomypc

v6.0 has sound, video, driverless remote printing, guest invites, and is (for the most part) vista compatible.

Edit - It's got 2 case sensitive PWs to access your pc and is covered by 128bit AES encryption end to end.

 

[slag]

I'm going to throw my 2 cents in

I've used tightvnc, realvnc, logmein, gotomypc, etc.

None of them hold a candle to the speed that RDP has. I had virtually no lag with RDP from winxp pro. When I used VNC, the lag was about 3-5 seconds. Very very noticeable, not fun to do anything.

Until they make something that works as well as RDP, I'm sticking with RDP for Windows.

 

[MercenaryForHire]

RDP over SSH

- M4H

 

[MDesigner]

So what's a good RDP-over-SSH solution that costs $0?

 

[novasatori]

hm
I don't know much about this but I've always just used dameware

 

[sourceninja]

Originally posted by: MDesigner
So what's a good RDP-over-SSH solution that costs $0?

nothing good in life is free. You could use linux ssh server as a gateway and forward that to your desktop. But that woudl cost you a server, and time.

 

[MDesigner]

I already have a Linux box running actually

 

[MercenaryForHire]

Originally posted by: MDesigner
I already have a Linux box running actually

OpenSSH

- M4H

 

[MDesigner]

OK.. but then the question is, the whole setup process of going through the Linux box via ssh to RDP into the Windows box. Any pointers?

 

[sourceninja]

use Bitvise Tunnlier on windows, turn on RDP on your windows box you want to connect too. Make sure your ssh is configured to allow tunneling, make sure your windows box is behind a firewall and the only public point of access to it is via the linux box. ssh into linux box with tunnel setup to windows box (bitvise has a spot for this) then connect with your remote desktop client to localhost.