Apache Guacamole™

I long ... long time ago, I was not nearly as smart as I am now. Let me explain.

I discovered Remote Desktop Protocol (RDP) back in the early 2000s. You might ask, "2000s?" to which I would reply .. yes. That was, after all, my late teenage years when the last thing on my mind was a career in computer technology. Anyway, discovery of RDP .. I learned 2 important things pretty early on. First, I could remote into my computer and second, I could remote into my computer from another computer over the internet. There in lies a critical, and stupid mistake.

RDP, inherently, is secure, but like anything, it can develop flaws as vulnerabilities are discovered. So opening RDP 3389 to the public is kinda .. stupid. Not as smart as I am now. I know there are half a dozen ways to facilitate a more secure connection to RDP over the internet and I have used and currently use most of those methods. But let's say I'm on my aunt's, sister-in-law's, son's, girlfriend's, sister's tablet and my aunt isn't exactly tech savvy .. if at all. Who is to say that I can trust that tablet if I somehow need information or files from my home computer. Can't install a client VPN on someone elses tablet, not that I would want to log into a VPN on their tablet in the first place. Don't have 3389 open up because I learned that was stupid. Or any other method. What can I do?

I can log into my secure Apache Guacamole server that is publicly published, but locked down to access only to specific IP addresses (ARIN) and use RDP to log into my computer at home and boom without needing a client. It's all a web application and can be accessed from any type of browser. In addition to RDP, I can use VNC, Telnet, SSH, and others. I have many linux servers, including Apache Guacamole, so SSH is awesome.