>Hi all,
>
>Working on security stuff again today. I use RDC to log into one of my customer's servers to upload changes/source code etc and test. In discussion with them, they had talked about closing down their RDC server because it "opens a security hole because [they say] when the RDC session is open, then anything from your desktop could find its way to our servers".
>
>In a way, I can see this (I have not yet checked if AD group policy has options to prevent drive mapping etc - I will look into that later).
>
>If RDC is not that secure, are there other programs that allow an RDC-like connection where the only thing going back and forth are keyboard/mouse and video? In a sense, the program would open screen into their RDC server but nothing can really pass between my PC and their server other than what I type. I would have to transfer updates via another mechanism but I could tell them that nothing else can move across the wire.
>
>Albert

One thing we do is have a shared third party location. We transfer files from our local PC to that location, and then remote into the non-local machine using TeamViewer and access everything from a local login on that machine.

We've never had an issue, but I can't speak to any security holes doing it that way or not.

We use a similar process for providing remote support to our customers. We ship a version of TeamViewer that is licensed to communicate with us only, and we are able to log on to their machine and see their app and examine whatever it is they need help on.

We also have one customer that uses RDC and it causes problems when more than one user logs in. We encountered that just last week. One of the .ini files used by Mere Mortals can be updated by a particular user, and those on the system begins using files at the new location specified in the .ini -- and completely silently. It's a bug in MM, but it was exposed only through the multiple simultaneous RDC connections into a single machine.