M
Matt
I want to establish a remote-desktop management connection (both ways)
using ssh and TightVNC between two computers, each behind a SOHO
firewall.
Here's my options as far as I understand it after poking around here a
bit:
1) Open up VNC ports on each firewall. Map said ports to respective
computers. Point TightVNC at each firewall's WAN IP. Not secure, but
easy (or at least easier then #2).
2) Open up port 22 on each firewall, map port 22 to the respective
computers, and run ssh connections to each. Then point TightVNC to
each respective ssh connection, and VNC does not know the difference.
3) Don't run any VNC at all, and use some other software like
RemoteDesktop/NetMeeting which supposed has security/encryption "built
in"? I still have to map some firewall ports to internal LAN computer
IP addrs, right? Which ports is unclear. This seems most complicated
despite the fact that I somehow don't need to worry about
security/encryption. Furthermore, I need to specifically have
WinXPPro, and one of my aforementioned computers is WinXP Home (and I
might be using Linux/Mac platforms for this stuff later, too).
Number 2 seems most attractive to me. My concern might be the
vulnerability of opening ports 22 on the firewalls? Is this in any
way a potential problem? Does anything else besides ssh listen on
port 22, and if not, does that still mean my port-mapping is "secure"?
Thanks for any help,
Matt
using ssh and TightVNC between two computers, each behind a SOHO
firewall.
Here's my options as far as I understand it after poking around here a
bit:
1) Open up VNC ports on each firewall. Map said ports to respective
computers. Point TightVNC at each firewall's WAN IP. Not secure, but
easy (or at least easier then #2).
2) Open up port 22 on each firewall, map port 22 to the respective
computers, and run ssh connections to each. Then point TightVNC to
each respective ssh connection, and VNC does not know the difference.
3) Don't run any VNC at all, and use some other software like
RemoteDesktop/NetMeeting which supposed has security/encryption "built
in"? I still have to map some firewall ports to internal LAN computer
IP addrs, right? Which ports is unclear. This seems most complicated
despite the fact that I somehow don't need to worry about
security/encryption. Furthermore, I need to specifically have
WinXPPro, and one of my aforementioned computers is WinXP Home (and I
might be using Linux/Mac platforms for this stuff later, too).
Number 2 seems most attractive to me. My concern might be the
vulnerability of opening ports 22 on the firewalls? Is this in any
way a potential problem? Does anything else besides ssh listen on
port 22, and if not, does that still mean my port-mapping is "secure"?
Thanks for any help,
Matt