Jump to content

Setting Up the Most Secure Remote Access to My Workstation


virtualn00b

Recommended Posts

Setting Up the Most Secure Remote Access to My Workstation ..possible.

Hey All,

I'm trying to figure out the most secure remote access to my windows 7 machine. This is a machine I use sometimes at a company I do work for. They have opened up an ssh port for me (orignally a mac workstation). I was looking into some ssh server options for windows (limited) I also referenced episode 1110 where Darren & Snubs talk about windows ssh servers. I like the bitvise option being able to utilize kerberos and public keys. Do you guys/gals think using a windows ssh server is kind of silly for "the most secure" remote access to my workstation? Yall think I should use a host based vpn service or somehting? I plan on utilizing my windows firewall, I also have ossec, emet, and av running on the box. I would actually like to tunnel rdp over ssh without headaches. Am I reaching for the stars with that one?

Any tips/suggestions are greatly Appreciated

Thank You

VirutalN00b

Link to comment
Share on other sites

VPN into home network, then RDP to the desktop machine you want access to would be my way. You can download an OpenVPN VM already setup from Turnkey linux so you don't have to mess with trying to set it up. Then just put the client software on one of your remote machines, VPN into the home VM, and from there, RDP into the win7 box.You can internally port forward port 22 externally to the VPN port on the inside network using your home router, just know that you won't be able to use SSH on anything at home though if you do it that way.

Other options, TeamViewer, which works around NAT and doesn't require port forwarding, but if on Windows 7, some things you go to do, will require UAC control, and you'd be stuck waiting for someone at home to click ok, so not the greatest solution unless you disable UAC and set TeamViewer to run as administrator, which I don't really suggest. VPN for me is the safest for a WIndows machine, then RDP to the other machines you want access to.

Link to comment
Share on other sites

Just so you have another option, how about forwarding a random external port to 22 on that box and installing cygwin on it with openssh running. You can then have RDP listening just on the local network and use ssh to port forward the port to wherever you are.

Basically as above but using ssh as a quick and easy VPN.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...