|
|
 |
|
LapLink Secure VNC - Security FAQs
| How secure is LapLink Secure VNC?
 Access to your LapLink Secure VNC desktop generally allows access to your whole environment, so security is obviously important. LapLink Secure VNC utilizes the LapLink Everywhere connection which has SSL encryption. We leverage HTTPS to securely transmit your information over the Internet, using Secure Socket Layer (SSL) encryption. This is the same technology used by major e-commerce sites to securely transmit credit card information over the Internet. You can verify that you have end-to-end encryption by confirming that your browser is showing a small yellow padlock in the lower right area of your browser. Before you can even obtain access to LapLink Secure VNC however, you must provide your LapLink Everywhere username and password which are stored using non-reversible MD5 encryption. Once you have access to LapLink Everywhere though you still do not have access to LapLink Secure VNC yet as you must provide a LapLink Secure VNC password which utilizes a challenge-response password scheme: The server sends a random series of bytes, which are encrypted using the password typed in, and then returned to the server, which checks them against the 'right' answer.
Top
|
|
| Will LapLink Secure VNC work through a firewall?
Yes. When the LapLink Everywhere host software starts up, it opens and maintains a continuous connection to a secure LapLink server, which resides outside of the firewall. When you attempt to access the LapLink Everywhere host computer with your browser, the LapLink server uses this connection to establish that link. LapLink Secure VNC utilizes this continuous connection to the secure LapLink server allowing remote control access.
Top
|
|
| What can a Corporation do that is concerned about remote control functionality?
LapLink has the following options available to assist Corporations with this issue:
- LapLink can work with you to establish your own LapLink Everywhere Center which will provide you with the flexibility of managing your own corporate access permissions by employee, allowing any combination of E-Mail, Files and Remote Control accessibility all with in your own Corporate Network/Environment.
- If you don’t wish to host your own LapLink Everywhere Center but would like the flexibility of working with LapLink to obtain Corporate Licenses and establishing privileges by user for your employee base, we will work with you to implement this.
- If the options above are not something you’re interested in you can prevent your company computers from being accessed via the LapLink Secure VNC service by using your firewall to block access to the host rc.ll2go.com. We do not recommend this method however, as it prevents all LapLink Secure VNC usage, including your authorized LapLink Secure VNC users.
Top
|
|
| Which TCP/IP ports does LapLink Secure VNC use?
A WinVNC server listens on two ports. The exact port numbers depend on the WinVNC display number, because a single machine may run multiple servers. The most important one is 59xx, where xx is the display number. The LapLink Secure VNC protocol itself runs over this port. So for most PC servers, the port will be 5900, because they use display 0 by default.
In addition, WinVNC servers normally have a small and very restricted web server built in, which allows you to connect a browser to them and use the Java viewer. This runs on port 58xx. Note that this is the HTTP port used for downloading pages and applets, but once the applet is running it uses 59xx for WinVNC just like any other viewer.
LapLink Secure VNC however, in order to provide 128 bit end to end encryption, as well as two levels of challenge-response schemes, does not utilize these VNC ports. Instead we leverage HTTPS to securely transmit your information over the Internet, using Secure Socket Layer (SSL) encryption.
This is the same technology used by major e-commerce sites to securely transmit credit card information over the Internet. You can verify that you have end-to-end encryption by confirming that your browser is showing a small yellow padlock in the lower right area.
Top
|
|
| What keeps a third party from bypassing your secure servers and accessing my PC directly?
LapLink Everywhere never accepts socket requests; instead, LapLink Everywhere creates a connection with our servers and only receives information requests from our servers via this connection.
Top
|
|
| What keeps a third party from hacking your servers to access my information?
We NEVER store any of your emails, contacts, appointments, or files on our servers; instead, our servers simply request and format the information directly from your PC each time you access https://www.ll2go.com to request something.
We do store your LapLink Everywhere password on our servers and have implemented multiple levels of security to protect your password...
- Passwords are stored using non-reversible MD5 encryption (even our internal staff cannot access passwords)
- Our servers are located in a high security data center with restricted physical access based on biometric hand scanners
- High security servers with restricted internal access based on security policy
- Failed logins have a long delay which makes it difficult for someone to try lots of passwords quickly
Top
|
|
|
