From: Drew G. <dr...@oa...> - 2008-05-14 15:45:09
|
siegfried wrote: > > My client’s security policies prohibit me from using openvpn. > > What are the alternatives? > > I suppose I could just open up a naked port on the public internet for > remote desktop and only protect it with a password in remote desktop. > I’ve done that before and was not hacked. > > Are there any better alternatives? > > Is VNC via SSH any more secure than using a password on a naked remote > desktop? > > Thanks, > > Siegfried > VNC over SSH, particularly if you only allow authentication via certificates (no passwords) is infinitely more secure. If that is all you want users to access, then that may be better than OpenVPN. If the security issue is that OpenVPN is too broad in its scope of network access, SSH is the answer. If the policy disallows OpenVPN but allows direct access to the desktop from the Internet with just a password, then the policy needs some serious review. regards, Drew -- Drew Gibson Systems Administrator OANDA Corporation www.oanda.com |