Firewall settings and Remote Desktop

M

mogens

I had to open port 3389 for all programs, as I could not find anything
on how to name the Remote Desktop program in my PCcillin 24. However, I
do not know if this gives an increased security risk, and would have
preferred to only allow incoming traffic for Remote Desktop. So how to
name RD??

Are there any other security advices re how to setup RD? I cannot
restrict access to a predefined IP-address (I will use it at various
changing locations), so basically the only protection between the
savages and my PC is the windows password :-(
 
R

Robert L [MS-MVP]

If you want more protection, you may think about RDC over VPN. That means establishing the VPN first and run RDC.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
I had to open port 3389 for all programs, as I could not find anything
on how to name the Remote Desktop program in my PCcillin 24. However, I
do not know if this gives an increased security risk, and would have
preferred to only allow incoming traffic for Remote Desktop. So how to
name RD??

Are there any other security advices re how to setup RD? I cannot
restrict access to a predefined IP-address (I will use it at various
changing locations), so basically the only protection between the
savages and my PC is the windows password :-(
 
S

Sooner Al [MVP]

Running Remote Desktop through a Secure Shell (SSH) tunnel works equally as
well...

http://theillustratednetwork.mvps.org/Ssh/RemoteDesktopSSH.html

http://theillustratednetwork.mvps.org/Ssh/Private-publicKey.html

A free and simple client for file transfers only...

http://winscp.sourceforge.net/eng/index.php

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...

If you want more protection, you may think about RDC over VPN. That means
establishing the VPN first and run RDC.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on
http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on
http://www.HowToNetworking.com
I had to open port 3389 for all programs, as I could not find anything
on how to name the Remote Desktop program in my PCcillin 24. However, I
do not know if this gives an increased security risk, and would have
preferred to only allow incoming traffic for Remote Desktop. So how to
name RD??

Are there any other security advices re how to setup RD? I cannot
restrict access to a predefined IP-address (I will use it at various
changing locations), so basically the only protection between the
savages and my PC is the windows password :-(
 
M

mogens

Sooner said:
Running Remote Desktop through a Secure Shell (SSH) tunnel works equally as
well...

http://theillustratednetwork.mvps.org/Ssh/RemoteDesktopSSH.html

http://theillustratednetwork.mvps.org/Ssh/Private-publicKey.html

A free and simple client for file transfers only...

http://winscp.sourceforge.net/eng/index.php
Click to expand...
Thanks Al, that was really helpful. I have now tried to follow the
instructions, and everything seems to work except that I cannot get a
connection when typing localhost:3390. I have installed the microsoft
patch, but I can still not connect.

Should say that I have not tried from an external location yet - I'm
connecting on a notebook from within the same network. Do you know a
possible solution to this?

Except from the security of course, I assume that connecting over a
SSH-connection will give a performance improvement due to the data
compression. Or does the packing/unpacking of data overweigh the gain here?

Mogens
 
S

Sooner Al [MVP]

Are you making the SSH connection first with PuTTY? You must connect with
PuTTY, ie. establish the tunnel first, then start the RDP session. When
testing over the local LAN use the private LAN IP of the SSH server. When
testing from a remote location use the public IP of the firewall.

You also might make sure your using the local LAN IP in the PuTTY tunnel
configuration if your not using a hosts file.

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

remote desktop issues between 2 vista pc's 9
Problem Allowing Remote Desktop Through Software Firewall 2
Remote Desktop through a router 6
TCP 3389 and Remote Desktop 6
Remote desktop and SP2 1
XP SP3: Remote Desktop connects via LAN, but outside connection drops 1
security question regarding opening up ports 6
ZoneAlarm and Remote Desktop 4

Top