COMMENTARY--By now you've probably heard of Trojan horses that can infect your PC and give a malicious user access to all your data. The well-known SubSeven is one such Trojan horse. Its victims notice something is wrong when their applications open and close on their own, or their mouse moves across the desktop without their help.
While a stranger gaining access to your PC is a scary thought, what if you were the one hacking into your own PC? Aren't there times when you're away from your computer, but would like to be able to grab files from it?
PERHAPS ANTICIPATING this need, the latest version of Windows features its own remote access tool. However, in order for this tool to work, the remote machine must be running Windows XP and the host machine must be running Windows XP Professional. Also, remote access with XP behind a firewall can be cumbersome to configure and execute. And it remains to be seen whether Windows XP remote access is secure over the long run. Given Microsoft's recent track record, I wouldn't be surprised to hear of a major system vulnerability rooted in the remote access feature of XP.
So are there any alternatives? Turns out there are plenty.
I've been checking out some third-party software applications that will give you hacker-like remote access to your PC. Here are four of the most secure.
- GoToMyPC. The easiest-to-use remote access package is called GoToMyPC 2.0, an application made by Expertcity. This program allows you to log-on to a host PC remotely via any Java-enabled browser. The latest release blanks the host's monitor and locks the keyboard and mouse, so others can't physically access the host machine while you're inside. One drawback: GoToMyPC allows access to the entire directory of the host PC instead of limiting access. Another drawback is that it won't work with dial-up modem configurations, so both remote and host PCs need high-speed Net connections via DSL or cable modem. The good news is that the Java-enabled browser access by design is pretty secure.
With GoToMyPC, host and remote PCs aren't always connected. So, instead of holding a port open while you're connected, the program continually pings the servers at Expertcity, looking for incoming or outgoing requests made via a couple of different ports. That means this program isn't likely to raise the suspicions of port-scanning malicious users. Another benefit: GoToMyPC erases the Java app when you're through, meaning you can use any borrowed computer to connect to your remote PC. Better yet, GoToMyPC works behind firewalls, and handles all the necessary configuration issues for you. (Click here to try the shareware version of GoToMyPC.)
- pcAnywhere 10.5. This remote access product from Symantec is even more secure than GoToMyPC. It uses up to seven different authentication methods, which allows you to choose the authentication that works best for you. pcAnywhere also allows your host computer to be hooked up to the Net via a LAN, VPN, or dial-up. The program is smart, too, and features a built-in integrity checker to guard against reversed .DLLs or any modifications introduced to the system registry. Also, pcAnywhere has a unique code for each user that prevents malicious users from crashing your private party. (Click here to try a demo version of pcAnywhere 10.0.)
- LapLink Gold. I've used the venerable LapLink Gold from Traveling Software for years. The latest version, 11.0, allows you to create a direct connection with a remote PC, either via dial-up, TPC/IP, or VPN. LapLink has always required user names and passwords to establish contact and uses 128-bit encryption to protect data transfers. Version 11 now works behind firewalls.
- VNC. Finally, there's a free product, VNC (Virtual Network Computing), from AT&T Laboratories. VNC is the most flexible of the packages out there; it works on Windows, Mac, Linux, and Solaris systems. Other than requiring initial passwords to connect, however, VNC does not encrypt the data passing between the host and remote PC, and therefore is not secure. Fortunately, VNC allows you to "tunnel" through more secure channels, such as SSH. Better yet, the source code is available, so you can check it for any hidden back doors. (Click here to try a free version of VCN.)
Now you can have the same capabilities as a hacker, but use them for your own personal good.