I think you'll understand what I'm trying to say here so....

An ex-colleague of mine now works for a small company with one NT4 Server, single domain network. Only 10 of them in the building. They have an ADSL link to the internet going via a 2nd network card in the server and some good firewall/router software. They also have PC anywhere running so that they can access the server from the internet using the same software from home. They have the appropriate 2 ports open on the firewall to access pcanywhere and they say it works OK.

What concerns me is that the 2 ports they use are the default ports for pcanywhere, and are obviously well known ports by (suspicous?) people. They have password protected the pcanywhere accounts but that's it. Something about this setup has me nervous, so I wanted to get some opinions from the good people here at Windrivers because my use and knowledge of pcanywhere is minute.

Are they at risk leaving these 2 well known ports open?
Is this setup something anyone here uses, accessing servers directly from the internet?

Any opinions welcome!