David:
Hello! Let me dive in to your questions and comments:
<snip>
> Anyhoo, first I'll describe my network setup. I have about 1 main
> office with about 30 PC's, 2 servers, a firewall, and 2 network
> printers. In the field I have approximately 15 PC's on aDSL, with no
> hardware firewalls. They're a mixture, but predominantly win2k, with a
> random smattering of 98 and ME (BLECH). My desktop is running winPcap,
> vnc4, and Kaboodle. I auto-detect all the machines and printers on my
> LAN just fine (HOORAY), and I can see machines going on and off the
> network like they should (HIP-HIP-HOORAY).
So far so good. :) Though might I suggest you isolate those
"15 PC's on aDSL" with at *least* a NAT'ing router, if not a NAT'ing
firewall. You can find a LinkSys BEFSR41 on EBay for about $30; the
version just above that with a real firewall (BEFSX41) is only about
$15 more. Keeps me up a night, knowing that people directly connect a
Windows PC to the Internet. :)
> My first question is about remote installs -- I can't seem to do any.
> I have no problem with having to manually install vnc on all the remote
> machines and configuring them by hand, but if there's a way to do it
> while sitting in my quasi-comfortable office, I'd much prefer that. Oh,
> and do I JUST need to install VNC, or should I install winPcap and
> Kaboodle on them as well?
There's no good way to remote-install Kaboodle across a network
right now. But there *is* a good way to remote-install VNC -- have a look
at Fastpush: "http://www.darkage.co.uk/vnc/index.htm";. This will get a
VNC connection running, but doesn't provide the underlying secure
connection that Kaboodle provides.
> Question the second: how can I make sure that I can take control of any
> PC from any other PC, but that no one else can? I'd like them not to
> even know they're running any kind of Remote Desktop, if possible, but
> I'd also like to be able to take exclusive control (e.g. they can't use
> the mouse or the keyboard). The reason for this is because most of my
> users are so unfamiliar with technology, they'd probably shut down and
> restart if they saw the mouse moving without a by-your-leave.
For better or worse, VNC does provide means of doing this. If
you look at "http://www.realvnc.com/v4/winvnc.html#7"; you'll see a radio
button in the VNC Server "Input" control that says "Disable local inputs
while server is in use". The user on the receiving end can still unplug
the PC, but they always could do that. :)
> Question the third: when transmitting over a local network, are the
> packets compressed / encrypted? I'd like to enable this, if possible.
When Kaboodle is talking to Kaboodle across a local network
(or across the Internet), the communication is compressed and encrypted,
yes. When Kaboodle is just helping to facilitate a VNC connection to a
non-Kaboodle PC, there is no encryption, and it relies solely on the
compression capabilities of VNC (which are pretty good).
> Question the fourth: I'd like to be able to reach out and touch my
> remote sites, but all that stuff about Kaboodle Proxy confused the me
> beyond belief. I gather, right now, that a) Kaboodle Proxy is not
> working, and b) that I might not even need it at all?
Correct, KaboodleProxy is not yet shipping, but it's not required
in order to establish a Kaboodle-to-Kaboodle connection across the Internet
(ie, a "GetEngaged Personal VPN Connection"). KaboodleProxy simply makes
it easier to create these connections when one or both of the Kaboodle
PC's in the connection are behind a firewall or NAT'ing router (such as
one of the LinkSys boxes I mentioned earlier).
> Final question, Regis: Is it possible, using Kaboodle / VNC to make
> sure that ALL network traffic from my remote sites is a) encrypted, b)
> funneled through my LAN, and c) delivered to the outside world? The
> reason I'm wondering this is so that I can set up a content filter
> (considering using Dansguard) and it would be MUCH easier to do so 1
> time than 16 times. In addition, this would effictively put those
> machines behind the firewall, and would greatly ease my efforts to get
> them properly managed / upgraded / protected.
Yes it's possible, but not with Kaboodle. :) What you're asking
about is a true industrial-grade VPN, such as what FreeSWAN (or other
IPSec vendors) provides. To implement this type of VPN, you would setup
a VPN Server at your main office, and install VPN clients at all of your
remote sites. These VPN clients would affect the routing of all data so
that it was securely delivered to your VPN server, and emerged onto your
LAN indistinguishable from "local" LAN traffic. Very cool stuff, but also
very tricky to get working. Hence Kaboodle's "Personal VPN" distinction. :)
You can find hundreds of pages of resources on this stuff simply by
Google'ing for "VPN software".
> Thanks for taking the time to read this agonizingly long clue search.
> I hope you don't just say "RTFM" as I have. I guess I just need a
> clue-by-four upside the head to get me started. Wonderful product so
> far, though. Have you given any thought to having alternate display
> modes?
We've actually got a new GUI in development. I think the current
one has served its purpose. :)
Hope this helps!
cheers,
Scott
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Kaboodle-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/kaboodle-user
To UNSUBSCRIBE, click on the above link.
