I installed pcAnywhere on a coworker's computer so she can access her work computer from home, but it is telling me that I have to open the symantec ports on the router and I have no idea how to do that. It is a Lucent Technologies Pipeline router. Can anyone help? Thanks!
Don't do it - if you open the ports on a simple router, you are opening them to the WORLD. PcAnywhere is a nice product, but you need to setup a VPN to connect between the locations.
If the office has a dedicated IP address you should get a quality router that also provides a minimum of PPTP VPN end-point access and let her VPN into the office.
I second Free's assertion above...
however, if you MUST (for whatever political/financial/whatever reason) permit such connectivity do at least the bare minimums...
alter the listening ports on PCAnywhere to something nonstandard, and don't put the two ports close to one another... (however, an experienced hacker can probably still determine which service is waiting on your port, even if it is nonstandard)...
also, use the highest level of PCAnywhere encryption possible for your version and DON'T marry the username and password to the local/domain user account... make it something unique.
At the very least, you have made your unscrupulous intruders task a bit more challenging... Also, keep an eye on your firewall logs to see if any clients are connecting to that host OTHER than the one you were expecting.... Also, keep in mind, most firewalls do NOT retain logs for very long... so you may need to set up a syslog server to keep track of that info... don't worry, that part is easy.
A second affirmation to Free... Don't muck around w/ your firewall unless you understand what you are doing. Leave that to the "pros" hahaha.... of which, most aren't even close... also, get them to document for you what they have done (including any other inbound permissions they may have enabled)... NOTE, I have noticed MANY consulting firms these days are permitting straight terminal services connections to inbound hosts (often servers).... in my arrogant opinion, DON'T LET THEM DO IT!...
okay,,,, enough ranting...
Thanks, redneck
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.