So I'm the ward clerk, but my schedule doesn't permit me to go to the meeting house during the week for my work. I'd like to either RDP or VNC into the machine, but it appears that all ports are closed, and I'm not sure how to modify the firewall settings.
All I need to do is forward one port to my particular machine. Any ideas on howq to modify the firewall?
VNC Needed- how to open a port in the firewall?
-
- New Member
- Posts: 3
- Joined: Thu Nov 20, 2014 5:49 pm
-
- Senior Member
- Posts: 3909
- Joined: Mon Sep 24, 2007 9:17 am
- Location: Cumming, GA, USA
Re: VNC Needed- how to open a port in the firewall?
Only CHQ can modify the firewall configuration and I'm sure they would not make this kind of modification. Remote access into the church computer to access MLS is expressly prohibited in section 4.10 of the Meetinghouse Technology Policy document.achesley wrote:So I'm the ward clerk, but my schedule doesn't permit me to go to the meeting house during the week for my work. I'd like to either RDP or VNC into the machine, but it appears that all ports are closed, and I'm not sure how to modify the firewall settings.
All I need to do is forward one port to my particular machine. Any ideas on howq to modify the firewall?
However, if you're not already aware of it, you can perform many membership related things using Leader and Clerk Resources. Additional support in LCR to maintain callings and record home and visiting teaching should be released sometime this year, probably within a couple months or so. That's your best option for remote work right now.
-
- New Member
- Posts: 3
- Joined: Thu Nov 20, 2014 5:49 pm
Re: VNC Needed- how to open a port in the firewall?
Hmm, seems like an odd rule.
It is what it is, however. Thanks for the heads up!
It is what it is, however. Thanks for the heads up!
-
- Senior Member
- Posts: 3909
- Joined: Mon Sep 24, 2007 9:17 am
- Location: Cumming, GA, USA
Re: VNC Needed- how to open a port in the firewall?
Not really. Any organization that deals with sensitive information is likely to have a rule that remote access is not allowed without enhanced security. For example my workspace (which deals with sensitive data for background screenings) does not allow any remote access to any company resource except via a VPN which is authenticated using two factor authentication (for most accesses that involves RSA SecureID for us). The cost required for that kind of security would be hard to justify for meetinghouse computers. So the best way to prevent the ability to hack into those computers is to not provide any outside access of any kind.achesley wrote:Hmm, seems like an odd rule.
-
- Church Employee
- Posts: 69
- Joined: Mon Dec 23, 2013 1:54 pm
Re: VNC Needed- how to open a port in the firewall?
Those ports are closed on purpose by church policy. They will not be opened up as it is a security vulnerability. We also do not do custom configurations for a specific building. Even if it was fine to open up those ports, we wouldn't as it would put your firewall on a custom configuration.
Also, any custom configuration would get wiped and erased if any further updates get pushed to your firewall which is another reason we cannot and will not do custom configurations for meetinghouse firewalls.
Also, any custom configuration would get wiped and erased if any further updates get pushed to your firewall which is another reason we cannot and will not do custom configurations for meetinghouse firewalls.
-
- New Member
- Posts: 3
- Joined: Thu Nov 20, 2014 5:49 pm
Re: VNC Needed- how to open a port in the firewall?
I mean, I don't have a problem following a church rule, but having VNC access (or RDP) would hardly qualify at opening a huge security hole. Heck, we just last week got off of a windows xp machine.eblood66 wrote:Not really. Any organization that deals with sensitive information is likely to have a rule that remote access is not allowed without enhanced security. For example my workspace (which deals with sensitive data for background screenings) does not allow any remote access to any company resource except via a VPN which is authenticated using two factor authentication (for most accesses that involves RSA SecureID for us). The cost required for that kind of security would be hard to justify for meetinghouse computers. So the best way to prevent the ability to hack into those computers is to not provide any outside access of any kind.achesley wrote:Hmm, seems like an odd rule.
As for security, it doesn't have to be insecure- VPN might be overkill, but SSH tunneling or encypted VNC is possible and not even difficult. I'm just saying that it would be very beneficial to have offsite access.
I guess I'll just wait for LCR to replace MLS =)
- johnshaw
- Senior Member
- Posts: 2273
- Joined: Fri Jan 19, 2007 1:55 pm
- Location: Syracuse, UT
Re: VNC Needed- how to open a port in the firewall?
The rule has been extremely disappointing to me and my clerks over the years as well. It made even less sense when there was absolutely NO access to LCR. Frankly, I just don't get it. At one point the desktop team in a presentation challenged us to provide any use-cases where Remote Access was needed and we got nothing out of it but chirping silence on the other side of the internet.
i think we just need to wait it out until LCR completely replaces MLS. Until then, someone else knows best, When a Stake President or Bishop asks you for information, tell them the Church doesn't allow you to have access to the data other than on Sunday and if they want information it would be helpful to ask with plenty of time notice so you can get the needed information.
Make sure you are using LCR to the full extent possible. I think you'll find that most things are there.
i think we just need to wait it out until LCR completely replaces MLS. Until then, someone else knows best, When a Stake President or Bishop asks you for information, tell them the Church doesn't allow you to have access to the data other than on Sunday and if they want information it would be helpful to ask with plenty of time notice so you can get the needed information.
Make sure you are using LCR to the full extent possible. I think you'll find that most things are there.
“A long habit of not thinking a thing wrong, gives it a superficial appearance of being right, and raises at first a formidable outcry in defense of custom.”
― Thomas Paine, Common Sense
― Thomas Paine, Common Sense