Restricting access

Michael Ossmann michael.ossmann "at" alttech.com
Wed, 20 Mar 2002 17:49:57 +0000


On Wed, Mar 20, 2002 at 09:24:30PM +1100, Andrew van der Stock wrote:
> 
> If this doesn't secure your site adequately, I would suggest rdesktop on
> the Unix boxes to connect to the Terminal Services Administration mode
> (installed by default in win2k and .NET server).

Doesn't Administration mode restrict access to users in an
administrative group?  Wouldn't it be just as insecure if everyone was
an administrator?

I'm not a Windows sysadmin, but it sounds like Application mode would be
an appropriate (though more expensive) solution where Administration
mode would not.

Another option would be to use some sort of gateway system.  If VNC
access is restricted to a particular Linux box, then you could run
vncviewer fullscreen inside Xvnc -nevershared and have your users
connect to that.  Other convoluted possibilities abound.

-- 
Mike Ossmann, Tarantella/UNIX Engineer/Instructor
Alternative Technology, Inc.  http://www.alttech.com/
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------