Remote access to your PC

Logmein also makes a neat little VPN application called Hamachi... runs irrelevant of OS... for those looking at a free VPN solutions

These VPN programs scare the bejeezers out of me. Aren't they a pretty serious security risk?

LogMeIn Hamachi Security

Hamachi is secure. All Hamachi communications are encrypted and authenticated with industry-standard algorithms and protocols. Nobody will be able to see the data transmitted between two Hamachi peers.

Not even us.

For more detailed information, please check the Security Architecture description.


Encryption

Encryption is a method that scrambles and unscrambles various pieces of information so that they can be sent securely from one location to another.

* In the case of LogMeIn Hamachi, a key exchange takes place between peers once each is authenticated by the Hamachi mediation server, and a tunnel has been established. This ensures that only the peers you designate can decrypt your data. Every message is also uniquely numbered to prevent replay attacks.

Authentication

Authentication ensures that the identities of everyone in your network, from the LogMeIn Hamachi servers to your peers, are verified.

* LogMeIn servers authenticate all peers using a RSA key-pair. To login, the client submits its Hamachi IP and uses its private key to sign the server's challenge. The server verifies the signature and this authenticates the client.
* Hamachi peers authenticate LogMeIn mediation servers using a RSA key-pair. When the client connects to the server, it announces which key it expects the server to have. If the server has the requested key, the login sequence commences.

Administration

Every LogMeIn Hamachi peer has administrative options to help maintain the security of their Hamachi networks.

* Password Protection
* Network Lock
* Membership Approval
* Member Eviction
* Member Ban
* Create Network Administrators

Dave, agreed, but any communications technology has security risks. Take a popular OS, throw in a forced install of the worst security-wise internet browser available, and just browsing to any page on the web can become a huge risk.

With file injections into websites without webmasters knowing about it, a seemingly safe website can become a deathtrap to an unsuspecting user.

Viruses are being sent over MSN/Yahoo... Without user interaction...

The thing as with any technology, is that it needs to be set up correctly and be administered correctly... I have accountants who have VPN connections from their notebooks in order for them to drive to a client, log securely onto their server and retrieve files or documents needed.

VPN's are being used more and more by remote users who either work from home or from small satellite offices. Having a secure setup, makes all the difference!

I use something called TightVNC (www.tightvnc.org). It's based on something called RealVNC but the RealVNC guys charge for features that come with TightVNC (free). The "Tight" comes from the protocol they've used which was originally made so you could use it on dialup so it's pretty damn fast.

As for Hamachi it's probably the easiest VPN ever. It wasn't made by Logmein but rather bought because it was so good. It's not really "corporate" grade but as I say it's helluva easy to set up, in fact it's probably easier than setting up MSN or something.

As for the security pretty much all VPN software encrypts traffic. In fact the only way you can set up something without encryption is using PPTP but that's basically always used as part of a VPN solution.

I think the biggest security hazard is when laptops get stolen and they are configured to not need a password, or they have the key saved for the VPN. As with bank cards etc if the VPN administrator has set it up properly they will be able to just disable that laptop from connecting. The easiest thing would be to not save any passwords.

As a sidenote one of the new features of Vista that's actually useful is full disk encryption, great for people who need mobility and also access to sensitive data that you wouldn't want falling into the wrong hands.

Great post. LogMeIn definitely, works really well in remote access of computers. Alternatively, I have used other remote support services such as gosupportnow; GoToMyPC etc. and they are good too. One can even consider having on premise remote support appliance installed such as RHUB remote support appliances for remotely accessing computers from anywhere.

Another one is Teamviewer.

(Amazing the developments in the last 5/6 years )

Strange how everyone's going on about these "new" VPN / Remote Desktop apps. I remember using Norton PC Anywhere in the mid 90's (at that time it could connect using either TCP/IP lan/wan/internet or direct through a modem dialup to the remote PC), they're still around: http://us.norton.com/symantec-pcanywhere/

Prior to that I used something called LapLink to connect between 2 DOS PC's with only a serial cable / modem between each other - no network involved. Though their new version has a lot more than it used to (not that I'm surprised in more than 20 years of R&D): http://ww2.laplink.com/lle5/index.html

As for security, yeah it doesn't matter how "secure" the connection software is, there's no such thing as an impossible to break security system. Especially if users do some "stupid" stuff.

We've had some issues with VPN in the past though: Some countries disallow such connections. And one of the countries we worked in a lot was in the middle east, and flatly denied any such connection (in or out). Worse if such attempt was made more than 10 times, your server IP was listed as an undesirable server and no connections were subsequently allowed (not HTTP/FTP/any other).

I like UltraVNC for local access - www.ultravnc.com or I use TeamViewer for remote locations - http://www.teamviewer.com/en/index.aspx

Teamviewer has a different password for everytime you open up the program.