Tom -- see in-line: Quoting "Kern, Tom" <[EMAIL PROTECTED]>:
> my cio wants to use Go To My Pc to acces his pc remotely and he would like > other managers to use this as well. > i think its really insecure and a bad bad idea. > my first question is, how does Go To My Pc really technically work? i can't > find any real details. i know it connects to their server on port 80, but > after that, i'm lost. they don't really provide any docs and as a rule i > avoid anyone that doesn't explain the low level details of their product. i don't have any experience with GoToMyPC but... > also, i propose using remote desktop web client. is this any more secure? i can give you some ideas about this. In my environemnt i have an IIS 6 box that is running the Terminal Services Advanced Client, which is: <snip> a Win32�-based ActiveX� control (COM object) that can be used to run Terminal Services sessions within Microsoft� Internet Explorer. </snip> Basically, you only need IE to connect to a computer that is running TS or RDP. Some advantages are: You can use Windows Authentication in IIS restricting access to/for specific domain users. Credentials can be passed over HTTPS Port 3389 on the client-side can be restricted to the IP of the IIS box. Data is encytped using RSA RC4 w/ a 128 bit key You have complete control over RDP and TS settings using Group Policies. Some articles of interest: Terminal Services (in general): http://www.microsoft.com/windowsserver2003/technologies/terminalservices/default .mspx or, http://tinyurl.com/59ml Guide to Securing Microsoft Windows 2000 Terminal Services http://nsa2.www.conxion.com/win2k/guides/w2k-19.pdf or, http://tinyurl.com/yvhyh HTH, john ------------------------------------------------- University of Pennsylvania School of Veterinary Medicine List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
