REMOTE CONTROL, REMOTE ACCESS
Aug 18, 2022: This page is not a checklist. It is also new and may not be fully fleshed out.
There are two approaches to remotely accessing a computing device (usually the remote device is a desktop computer, but the concept applies to laptops, phones and tablets too). I like to refer to the two approaches as inny and outty.
The RDP service in Windows is an inny system. The Quick Assist feature in Windows 10 is an outty service. RealVNC used to be an inny service, then they added an outty option and now they charge more for the inny scheme.
An inny system should be more reliable as there is no dependence on the availability of the middleman service. Granted, it may depend on DDNS, but in my experience that has been very reliable.
Which is safer is a debatable point.
The big security issue with an outty system is the middleman company. Who knows if they can spy on the remote connection? I know of no way to audit this.
The big danger of an inny system is that it opens up the remote computer to the world, so bad guys anywhere can try to get into the remotely accessible computer. An inny system can be made safer, but it takes work. Here are some steps to increase the security of an inny scheme:
The classic response for securing any remotely accessible service is to place it behind a VPN. The downside to that is that it requires the care and feeding of a VPN server, not to mention obtaining one in the first place. And, assorted VPN servers have had their fair share of security flaws. To me, picking a consumer VPN provider and setting source IP rules that include a few of their VPN servers seems like a simpler approach that should be just as secure. Some consumer VPN providers will even provide a static public IP address, for an additional charge. That too, would make a great source IP address for locking down an inny remote control system.
|This page: 5 views per day (over 173 days) Total views: 788 Created: August 18, 2022|
August 18, 2022
2.9 minutes ago