Remote admin once again. I'm extremely careful about what I set up for
remote admin, and usually tell my customers that I prefer to have all remote
admins turned off and disabled, including things like remote desktop, etc.
Just too much vulnerability. They sometimes don't like it because if I have
to change something I have to go to their place and do it. I tell them, hey
look, would you rather spend the extra money for a personal visit or lose
thousands of dollars of business due to corrupted files, stolen accounts,
and other problems that can shut down your business? When they think of it
that way, they opt to lock things down as tightly as possible.

The only remote exception I make is for security cameras, but then I have
heavy passwords, a firewall that open only the bare minimum ports necessary
to run the function, and at least one NAT. I never allow cameras (or other
devices) to be exposed to the assigned IP or even to the NAT provided by the
ISP's router. I always put in at least one more translation.

The only static IP I have set up for anyone was done because that was the
only way I could make it work with the camera equipment involved, and all
admin functions are disabled, except to look at the video in realtime.. That
way nobody can get in and erase stored video, reformat the HD, or any of
that.






---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

In article
Netgear and security? Some of their routers have unauthenticated telnet
from LAN permanently stuck on. I'll never touch them again.