Remote controlling Windows Desktops with VNC
I've played a bit the last few days with VNC at work for remotely controlling some of the kiosks we plan to deploy around the country. We want to make our kiosks as lightweight and bulletproof by running as few apps as possible since they are going to be installed in remote locations, often away from local expertise. For the most part the kiosks will run standalone, i.e not running on a LAN or any kind of Internet connection, except for when we need access to troubleshoot or update them, We have used Laplink in the past, which has generally worked well, but we have had a few problems with Laplink locking up which has a presented a few logistical issues when we have needed to perform any work on them. Each of the kiosks runs WinXP Pro, but XP's Remote Assistance isn't much help since it requires intervention from the remote end to get it running, we need something that is sitting there waiting to be called as soon as the kiosk is plugged in to the network.
I have used VNC before some time ago and decided to take another look. It works brilliantly and is incredibly lightweight at a mere 700k or so for the server component (only 300k for the viewer). It also has a built in viewer which is accessible via any java-enabled browser, preventing the need for the viewer client to be installed.
I have always wanted to be able to control all of my boxes at home from wherever I am. With Linux this is straightforward using SSH but for Windows it's a slightly different story. Artur Maj from Security Focus has written an excellent how-to (http://www.securityfocus.com/infocus/1677) on getting VNC to tunnel using open source software - Stunnel and OpenSSL and creating the encrypted tunnel using digital certificate authentication. The great thing about this implementation is that it is that it is completely free and pretty robust from a security perspective.
Now on to getting Stunnel to work to provide VPN access so I can browse my home network from wherever - since while it may work fine, I just don't trust the XP VPN stuff...
posted by John C @ 10:04 AM
0 Comments:
Post a Comment
<< Home