Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How safe is RAdmin.exe
- Thread starter IFRs
- Start date
Several 'safer' advantages:
Uses only one giveaway or telltale port (4899 default). Others need at least 2 or 3 open ports. Alternatively, you can choose a different access port from the 'default' port (adviseable).
WinNT user level security support - can restrict access to specific users or user groups.
IP filter (option) - can restrict access from specified IP addresses and subnets only.
All data, including screen images, mouse movements and keypresses are encrypted (128 bit Twofish encryption is used).
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
Uses only one giveaway or telltale port (4899 default). Others need at least 2 or 3 open ports. Alternatively, you can choose a different access port from the 'default' port (adviseable).
WinNT user level security support - can restrict access to specific users or user groups.
IP filter (option) - can restrict access from specified IP addresses and subnets only.
All data, including screen images, mouse movements and keypresses are encrypted (128 bit Twofish encryption is used).
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
- Thread starter
- #3
All these things are nice, and reasons I am looking at RAdmin. There is also a challenge popup for the user to accept or deny access and a default action if the user popup times out.
However, I have been challenged to support remote access. Others say it is too high a risk to even consider.
However, I have been challenged to support remote access. Others say it is too high a risk to even consider.
What are you trying to achieve? Are you in an NT/WINXP based environment? What kind and number of users are you supporting (knowledgeable)? What kinds of security sensitive issues have arisen in the past? Do you have reason to be paranoid over your current environment (such as hacker/keylogger/spyware or trojan infestations issues) or of past user issues (password vulnerabilities)?
How sophisticated are your current security measures - do you have a HW firewall (including SPI) and/or an IDS (intrusion detection system)? How many risk reduction security layers (such as non-stanadard port usage, access barriers, filters, and antispyware prevention/defensive tools) would be considered reasonable and acceptible?
Ultimately, what is the cost/benefit equation? How do your users benefit significantly? How much more productive and cost effective are your support efforts going to be?:
Timeliness and quick response?
Cost of delays or overtime?
Support burnout?
What is the worst security risk that could be anticipated and how quickly might available security measures detect and deal with it?
What about a pilot project on the Internal LAN (only) to build a support profile learning curve?
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
How sophisticated are your current security measures - do you have a HW firewall (including SPI) and/or an IDS (intrusion detection system)? How many risk reduction security layers (such as non-stanadard port usage, access barriers, filters, and antispyware prevention/defensive tools) would be considered reasonable and acceptible?
Ultimately, what is the cost/benefit equation? How do your users benefit significantly? How much more productive and cost effective are your support efforts going to be?:
Timeliness and quick response?
Cost of delays or overtime?
Support burnout?
What is the worst security risk that could be anticipated and how quickly might available security measures detect and deal with it?
What about a pilot project on the Internal LAN (only) to build a support profile learning curve?
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
- Thread starter
- #5
Good questions.
I have a non-profit organization with 8 PC's. All are running Win98 (don't ask). They have a DSL connection through a router. I have volunteered to revamp their accounting software, among other systems. Each PC runs ZoneAlarm and Avantis AV. The users are mostly non-technical, just doing their jobs. I want to use RAdmin through the accounting software configuration, data transfer, initial startup and daily support. I have run into a brick wall from a very dedicated long-term volunteer who has considerable knowledge and experience and has taken a terible situation and made sense out of the hardware, software, network and backup systems. He is 100% against any hole in the security system.
I don't know if I can really asuage his fears. I want remote access because of the amount of time I need to "be there" and can't physically "be there".
I have a non-profit organization with 8 PC's. All are running Win98 (don't ask). They have a DSL connection through a router. I have volunteered to revamp their accounting software, among other systems. Each PC runs ZoneAlarm and Avantis AV. The users are mostly non-technical, just doing their jobs. I want to use RAdmin through the accounting software configuration, data transfer, initial startup and daily support. I have run into a brick wall from a very dedicated long-term volunteer who has considerable knowledge and experience and has taken a terible situation and made sense out of the hardware, software, network and backup systems. He is 100% against any hole in the security system.
I don't know if I can really asuage his fears. I want remote access because of the amount of time I need to "be there" and can't physically "be there".
Fear, like worry, is often irrational and most often a very exaggerated response to the 'unknown'. Can he name that concern and narrow it down to inbound or outbound traffic issues. By responding to such concerns it may be possible to acceptibly monitor and manage any perceived relative risks and to get the concessions that you are looking for.
You have made no mention of antispyware scanning tools (SpyBot, AdAware, SpySweeper, or PestPatrol). Is there a lack of fear sensitivity or 'concern' in those areas? Do you have a HOSTS file on each PC - bad surfing choice prevention? Disabling most ActiveX capabilities (SpywareBlaster tool would be a help here)?
What about tools to obtain Real Time Monitoring of Inbound / Outbound Traffic. If you have a Linksys, Netgear, or ZyXEL router/firewall there is an inexpensive tool, Linklogger ( that can generate email ALERTS for areas of sensitivity.
You need to assign a different unique port on the router (and port forward) for each computer you will need to access. Therefore you could start with one approved PC, only. Access needn't be 24/7 - you could set up a (free) DUC (dynamic update client) at where a time restricted access option could be defined.
You probably need to keep a support log detailing response delays and time spent, what was addressed, how it was addressed and how it might have better been handled.
You need to improve the security monitoring and response profile for these PCs and the business justification for your proposals may be a lot easier.
Volunteer on your own terms or potentially back away to make your points of issue clearer (delayed response).
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
You have made no mention of antispyware scanning tools (SpyBot, AdAware, SpySweeper, or PestPatrol). Is there a lack of fear sensitivity or 'concern' in those areas? Do you have a HOSTS file on each PC - bad surfing choice prevention? Disabling most ActiveX capabilities (SpywareBlaster tool would be a help here)?
What about tools to obtain Real Time Monitoring of Inbound / Outbound Traffic. If you have a Linksys, Netgear, or ZyXEL router/firewall there is an inexpensive tool, Linklogger ( that can generate email ALERTS for areas of sensitivity.
You need to assign a different unique port on the router (and port forward) for each computer you will need to access. Therefore you could start with one approved PC, only. Access needn't be 24/7 - you could set up a (free) DUC (dynamic update client) at where a time restricted access option could be defined.
You probably need to keep a support log detailing response delays and time spent, what was addressed, how it was addressed and how it might have better been handled.
You need to improve the security monitoring and response profile for these PCs and the business justification for your proposals may be a lot easier.
Volunteer on your own terms or potentially back away to make your points of issue clearer (delayed response).
Vince
_____________________________________________________________
[*** If everyone is thinking alike, then somebody isn't thinking. ***]
- Status
Similar threads
- Locked
- Question
- Locked
- Question