Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Using win VNC to connect to home pc

Posted on 2006-05-05
17
Medium Priority
?
605 Views
Last Modified: 2010-04-07
I would like to be able to connect to my home pc from work and am curious if i use win vnc, if that opens up my computer to viruses or stuff if they are on my work pc.  Guess i am a bit anal about the home pc and dont want to open it up to getting viruses or making it easier for someone to hack into it.  

Other recommendations as opposed to win vnc?  pcanywhere?  gotomypc.com?  The built in XP remote desktop ok enough so i dont need these others?
0
Comment
Question by:TheRookie32
  • 4
  • 3
  • 3
  • +5
17 Comments
 
LVL 9

Accepted Solution

by:
blandyuk earned 200 total points
ID: 16621517
You can use VNC, I use it to connect to my server at home but obviously use a firewall and only allow certain IP's to connect through TCP port 5900. You wont have any problems if you do that, (Or shouldn't).
0
 
LVL 17

Expert Comment

by:Dushan De Silva
ID: 16621885
I can recommend Windows Remote Desktop.

BR Dushan
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16621893
if just malware is you care about, then vnc is less attackable than something like pc anywhere
in vnc ther host and the client can not infect the other one
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
LVL 6

Author Comment

by:TheRookie32
ID: 16622029
@blandyuk - how does a person specify ips to allow through?

@ahoffman - using vnc, if one has a virus and the other doesnt, they cant get to eachother?  is that what you are saying?
0
 
LVL 9

Expert Comment

by:blandyuk
ID: 16622039
What firewall are U using? All you need to do it setup a rule. Most modern software firewalls pickup incoming / outgoing connections and popup a rule config for the particular application the did the request.

I use Agnitum Outpost Firewall, very configurable and I've never had a problem. The other bonus with Outpost is you can visually see all the incoming / outgoing connections that your computer is doing, can be handy.
0
 
LVL 51

Assisted Solution

by:ahoffmann
ahoffmann earned 100 total points
ID: 16622047
>  if one has a virus and the other doesnt, they cant get to eachother?  is that what you are saying?
yes, as long as there is nothing common than the vnc display, in particular no filesystem
(assuming that VNC has no exploitable bugs, which are/were known to pc anywhere)
0
 
LVL 32

Expert Comment

by:r-k
ID: 16622189
All the above is good advice. Pick a long password (greater than 10 chars) to avoid password guessing attacks.
0
 
LVL 6

Author Comment

by:TheRookie32
ID: 16623414
I dont have a third party firewall system... :$
0
 
LVL 32

Expert Comment

by:r-k
ID: 16623477
If this is XP you can use the built-in XP firewall. For this purpose it will serve the same purpose, i.e. you can specify who is allowed to connect to the VNC port.
0
 
LVL 2

Expert Comment

by:nls73m
ID: 16623645
create a tunnel with ssh then tunnel through it with vnc. you'll need a firewall with ssh on it. you'll use ssh to create the tunnel. i use a linux firewall at home. when i want to connect to my home system from work, i ssh into my home linux firewall, then from my work desktop, open vnc and you're good to go. the security of ssh is unbeatable. don't vnc without some kind of security. vnc is not safe over an unsecure network. if you can't do this, the at least purchase the vnc with encryption. i tend to stay away from rdp unless its secured through a tunnel, again with ssh, or a vpn.

regards
0
 
LVL 19

Assisted Solution

by:CoccoBill
CoccoBill earned 100 total points
ID: 16628819
VNC itself does not provide secure authentication nor encryption, although there are some flavors that provide encryption such as TightVNC. Limiting the IP addresses where you can connect from is recommended, but personally I would use Remote Desktop (assuming you're running Windows XP). RDP has very good compression and more intelligent design than VNC. VNC is very good for casual remote administration but its still sluggish over a LAN connection, whereas RDP can be used for remote work over any broadband connection, 1Mbit will be more than enough. RDP provides (relatively) strong encryption, 128-bit RC4/3DES.

One thing though, that neither of these products provide is strong authentication, here's what I'd do personally:
http://technet2.microsoft.com/WindowsServer/en/Library/a92d8eb9-f53d-4e86-ac9b-29fd6146977b1033.mspx

Also check out: http://www.mobydisk.com/techres/securing_remote_desktop.html

0
 
LVL 2

Expert Comment

by:liamkellycabra
ID: 16630315
This is the man for you

VPN
Secure
Free

http://www.hamachi.cc/download

think of it as a VLAN

You can then use VNC over it and it's secure.

Liam
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16630842
dooh, posting a proprietary protocol (hamachi) in a security TA,
> You can then use VNC over it and it's secure.
how could you proovethat there is no MITM? I guess you cannot.
0
 
LVL 2

Expert Comment

by:liamkellycabra
ID: 16631183
Em O yeh... Dooh
Man in the middle.
my bad.
0
 
LVL 6

Author Comment

by:TheRookie32
ID: 16631578
@blandy, do you use Agnitum Outpost Firewall instead of windows firewall?...
0
 
LVL 9

Expert Comment

by:blandyuk
ID: 16631632
Seems to be getting complicated here. SSH tunnel is a good idea ;) To be honest, RealVNC, www.realvnc.com, now uses Secure Communication with 128-bit AES. For what your using it for, it's more than adequate going thru a firewall restricting to your IP only.
0
 
LVL 6

Author Comment

by:TheRookie32
ID: 16631670
So either way, real vnc or windows RDC will be just fine...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
Spectre and Meltdown, how it affects me and my clients?
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question