You've also got BackOrifice 2000 at http://bo2k.sourceforge.net/. Most people think that it is a virus or a Trojan, but it actually is a very good low profile - high security remote administration tool.
The BEST philosophy is to use 2 factor/strong authentication at the firewall to allow any remote administration protocols through. If you implicitly trust your internal network, you may authorize your firewall to pass remote admin protocols through without authentication. Use a well respected/open protocol to protect all communications to/from the DMZ server. These protocols are IPsec (best), SSH v2 (OpenSSH implements), and SSLv3 or TLS. You notice that PPTP isn't there. The DMZ server should use some sort of 2 factor/ strong authentication to authenticate this connection from the remote client. Then you can run any type of remote admin program across the channel. REMEMBER: Remote admin could be used by others the same way you use it if you don't practice good security practices. Best FREE solution: Remote Admin software: backorifice 2000 VPN software: OpenSSH Strong authentication: Public key with OpenSSH Ron Ogle Rennes, France > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, November 20, 2001 9:51 AM > To: Matt LYNCH > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Antwort: Remote Admin of DMZ > > > Hi, > > a combination I think is very nice is OpenSSH (there is a > free NT Version > here: http://www.networksimplicity.com) in combination with > VNC or any > other remote tool .......... > > > All machine are NT 4.0, I use a W2K desktop. (Free would be > nice, but I am > also interested if there are commercial solutions available). > > Thanks in advance > > Matt > > > >
