PCAnywhere and Remote Desktop

[DrKBongo]

Hi all

I have plenty of Windows XP boxes on my network,
would really like to start using Remote Desktop.
Problem is a bunch of them have PCAnywhere installed,
and RD won't run. It has something to do with a file
called awgina.dll - which gets in stalled by PCAnywhere.
The Windows version of the file which does work for RD,
is msgina.dll (I think)

Does anyone know of a way to have the 2 apps co-existing on the same box?

Thanks in advance.

Kevin

 

[eyec]

not knowing your entire situation, i offer this.
why not use Citrix or something similar for remote access to your network boxes?

this would be more secure and probably less intensive from an admin point. additionally, the use of the 2 programs you mention are a security nightmare.

a VPN would offer another solution (possibly).

 

[secutanudu]

You could also try VNC for remote control -

http://www.realvnc.com

- that program is free.

Another good one (not free) is dameware.

 

[DrKBongo]

Sorry, I'll explain.

The reason I'm asking about this is because my work PC (WPC)
I use PCA to connect to all our servers, saves me running in and out of the comms room all day.

When I'm at home, I remotely connect to work's firewall,
securely authenticate, which then creates me a tunnel to the
Terminal Server. I then establish and RDP connection to the TS. While on the TS I would then have to PCAnywhere to my WPC in order to check out the rest of the network as Terminal Server has restricted access.

I just prefer RD I find it easy to use and pretty fast.
Thanks for your help.

 

[eyec]

you also just explained how hackers get into your network!

that is why i recommended the VPN.

 

[bcastner]

PC Anywhere and RD use completely different ports.

You can use both products on the Host machine at the same time.

Your description of creating the VPN tunnel first, then connecting to the machine makes perfect sense.

Could you specify the logon issue you have in detail with awgina.dll?

Replacing the msgina.dll is non-trivial, but I thought the issue had been sorted by upgrades by Symantec.

 

[Empmark]

I have had the same issue and unfortunately never found a solution. We use Carbon Copy (with Altiris) to remote to most of our clients but some require pc anywhere for a third party support (pain in the...). I spoke with Symantec but they don't support any way of having more than 1 remote control app, including rdp, on the same box. If you do find a workaround please post it I would love to see it.

I am also not sure why your scenario, which sounds like a vpn connection to your network and then rdp from there, might be unsecure. Are you using a pix or similar firewall and then a vpn client from your home? I don't see that as an issue.

 

[Empmark]

Good point Bcastner. I haven't upgraded my pcanywhere clients for a while so maybe that will do it. Glad this post was here so I can revisit the issue as well.

 

[cdogg]

I use PCAnywhere 11.0 on several of my XP Pro workstations. I've never had an issue using Remote Desktop at the same time. I'm pretty sure I used version 10.x at one point as well.

If you have an older version of PCAnywhere, seeing that they come out with a new version about as often as MS patches, then you may need to upgrade.

____________________________________________________________________
On a side note, but related, I would welcome suggestions from [blue]eyec[/blue] and others on how to improve security on my home network. I often RDP into it from work. Right now, it's going through a Linksys router (BEFSR41) that has a TCP port open which gets redirected to one of my workstations listening on the same port. Zonealarm Pro has been configured to only allow Remote Desktop access to that port.

How would I go about setting up a more secure connection, possibly using VPN? Sending me to a link for reading would be fine.

Thanks in advance...



~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884

 

[therealtalkinggoat]

put tight vnc on the server (just the viewer)

http://www.tightvnc.com

that will keep any unecessary ports closed... remember, if they have no services to use, they can't hack it, so close down the ones you are not using... enforce strong passwords. the authentication, password strength, and closing of security holes will prevent hackers from geting in.

once this is done, install tight vnc (viewers and server) on the workstations. this will allow you to connect to the remote pc's just like you were sitting there at the server.

chris

ps sorry for the spelling...

 

[eyec]

i do not remote in to my home/work network, i have copies of just about everything i need on my laptop that i connect to my home network before i go on an assignment, so i have not looked into remoting in.

my home/work network is connected as follows:
dsl modem has a usb connection to my XP box

my ME box is connected to the XP box via cat5 to the NIC

i copy what i need from either box to a flash drive for my W2K laptop

when i need to update/upgrade my laptop software i swap the usb cable from my XP box to the laptop

all boxes run:
ZA Pro - with major setup of the firewall, programs, and components permissions
AVG antivirus
Spybot S&D (including Tea Time)
NO MS FIREWALL
have set IE up with tight security settings
disabled Messenger

regular maintenance includes:
monitoring ports (tcpview) for suspect probing
blocking suspect IP addresses/blocks with ZA**
auto scan with AVG nightly
auto scan of Spybot

because 2 of my 3 boxes are used for work purposes i MUST keep them clean. by running my XP/ME via a gateway i only expose one IP address to the world and using ZA i do not allow anything into the ME box from the outside world. while being able to connect to the internet safely.

**this is one of the best ways to stop uninvited "visitors" from getting through. periodically checking the logs helps identify candidates for blocking.


however, i worked with the IT guys at my previous employer's to get rid of all PCA apps & set up VPNs using RSA secureid tokens. anything shy of that (for a corporate network) leaves room for tunneling in by uninvited "guests".

 

[therealtalkinggoat]

>however, i worked with the IT guys at my previous employer's >to get rid of all PCA apps & set up VPNs using RSA secureid >tokens. anything shy of that (for a corporate network) >leaves room for tunneling in by uninvited "guests".

>you don't use the pca type apps on the exterior , you use >that on the interior of the network. your firewall on the >server will block any other ports that you don't allow...

>because 2 of my 3 boxes are used for work purposes i MUST >keep them clean. by running my XP/ME via a gateway i only >expose one IP address to the world and using ZA i do not >allow anything into the ME box from the outside world. >while being able to connect to the internet safely.

>**this is one of the best ways to stop uninvited "visitors" >from getting through. periodically checking the logs helps >identify candidates for blocking.

right, it's called masquerading for us linux/unix folk...


i may be on the wrong page, here... i was under the impression that you were using terminal services to remote into a server at your office...

 

[bcastner]

cdogg,

Leaving a port or ports open for remote access is not inherently a bad thing.

And you have to do this to allow remote access.

On both ends you want a secure link. Remote Desktop just by itself meets this requirement.

If you consider that it is a username and passwword protected utility, with encryption at the 128-bit level in both directions for all traffic, it is an incredibly secure method of providing remote access.

An open port is different from an open door in your home. Unless there is a way to manipulate the "listener" on that port, it is of no use to hackers.

The XP Remote Desktop feature is not a security risk.

 

[eyec]

right, it's called masquerading for us linux/unix folk...

works to!

who says an MS user can't learn from Linus?

 

[cdogg]

bcastner,
Great, that's what I had originally thought. Recent threads such as this one, however, had me second-guessing it though. Thanks for the clarification...

<sigh of relief>



~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884

 

[bcastner]

cdogg,

A recent stunt by TechTV was to broadcast the IP of a computer with a clean install of XP Service Pack 2, and request that someone hack it. This box (I am asmaed to confirm) had ports 113 and 3389 open.

TechTV dropped the trial after a short period of time because their ISP complained.

But not one soul hacked that box.

 

[DrKBongo]

Hi all,

Thanks for your help, I see that we went a little off-topic,
but interesting nontheless.

I beleive that upgrading to PCAnywere 11, or even trying to find a patch for PCAnywere 10.0, may do the trick.

When trying to establish an RDP connection to a host that is also a PCA host, I receive the following
error

"You cannot initiate a remote desktop connection because
the windows logon software on the remote computer has
been replaced by incompatable software
c:\windows\system32\awgina.dll

to correct this problem, please have the administrator
of the remote computer contact the program vendor for
a version that is compatible with windows"

So I'll see what Symantec have to say.
thanks again for all the replies.