> 1) Other network vulnerablities assuming the only > protocol I am allowing in is for VNC- are there any? OK, so you're stopping all the traffic coming across the vpn to you except vnc. That way they can't do anything else on your network except vnc. Then by using vnc they have full control of a box that sits inside their network from which they can do anything they want on/to your network.
> 2) What vulnerablities do I create with the box > itself that the external company is vnc-ing to? They have full access to your network via the vnc box. You're letting them do anything they want. The next thing you could do is put this box behind it's own firewall (making a dmz) and allow out only the protocols and destinations necessary for them to meet the purposes of you letting them vnc the box in the first place. If they aren't supposed to have any network access at all, then the firewall would only let in the vnc and let nothing out. It all boils down to either you trust them or you don't. And when it's your network and your security you shouldn't trust anyone, not even your own users. So why should you trust them? _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
