Security question

I have two computers at home. I want to use Remote Desktop to access
one computer from the other while the video card is being shipped to
the factory for warranty replacement. They share a connection to the
Internet through a router, which has a firewall. Am I correct in
believing that there is no security risk from outside? The only way
there could be is if Remote Desktop somehow allowed access through the
router's firewall.

On Wed, 11 May 2005 19:57:31 -0500, "Sooner Al [MVP]"
<SoonerAl@somewhere.net.invalid> wrote:

>If you access/control your PC from a remote location and do not use a password to login then your
>opening up your PC to a potential and probable security risk. I suggest you always use a strong
>password...

If you want both computers to be able to access each other from behind the
router (inside your local network), the you have the appropriate ports open
on your router to allow the two computers to do this. Once the ports are
open, then anyone (inside or outside the local network) can run a port scan
and determine if there is a computer listening on a particular port, e.g.
port 3389 (Remote Desktop).

Unless you disable internet access for your two computers, then yes, there
is a danger. Your router firewall is nice (most routers use one) but it's
not a silver bullet. Run a port scan at www.grc.com to see how easy it is.


"Cliff Lewis" <clewis@gwis.com> wrote in message
news:c7g68111vrbi8msnlpeu5mjb5rc9n071q0@4ax.com...

>I have two computers at home. I want to use Remote Desktop to access
> one computer from the other while the video card is being shipped to
> the factory for warranty replacement. They share a connection to the
> Internet through a router, which has a firewall. Am I correct in
> believing that there is no security risk from outside? The only way
> there could be is if Remote Desktop somehow allowed access through the
> router's firewall.
>
> On Wed, 11 May 2005 19:57:31 -0500, "Sooner Al [MVP]"
> <SoonerAl@somewhere.net.invalid> wrote:
>

>>If you access/control your PC from a remote location and do not use a
>>password to login then your
>>opening up your PC to a potential and probable security risk. I suggest
>>you always use a strong
>>password...

>

I tried the port scan. It passed (full stealth status), even when I
probed port 3389 explicitly and even when I was logged on to the other
computer using Remote Desktop. I would conclude that my configuration
is safe.

It seems that Remote Desktop requires some kind of password no matter
what the configuration. It refused to connect due to an "account
restriction" until I defined a password on the host computer.


On Thu, 12 May 2005 14:20:42 GMT, "Fitz" <SENDNOMAIL@hotmail.com>
wrote:

>If you want both computers to be able to access each other from behind the
>router (inside your local network), the you have the appropriate ports open
>on your router to allow the two computers to do this. Once the ports are
>open, then anyone (inside or outside the local network) can run a port scan
>and determine if there is a computer listening on a particular port, e.g.
>port 3389 (Remote Desktop).
>
>Unless you disable internet access for your two computers, then yes, there
>is a danger. Your router firewall is nice (most routers use one) but it's
>not a silver bullet. Run a port scan at www.grc.com to see how easy it is.
>
>
>"Cliff Lewis" <clewis@gwis.com> wrote in message
>news:c7g68111vrbi8msnlpeu5mjb5rc9n071q0@4ax.com.. .

>>I have two computers at home. I want to use Remote Desktop to access
>> one computer from the other while the video card is being shipped to
>> the factory for warranty replacement. They share a connection to the
>> Internet through a router, which has a firewall. Am I correct in
>> believing that there is no security risk from outside? The only way
>> there could be is if Remote Desktop somehow allowed access through the
>> router's firewall.
>>
>> On Wed, 11 May 2005 19:57:31 -0500, "Sooner Al [MVP]"
>> <SoonerAl@somewhere.net.invalid> wrote:
>>

>>>If you access/control your PC from a remote location and do not use a
>>>password to login then your
>>>opening up your PC to a potential and probable security risk. I suggest
>>>you always use a strong
>>>password...

>>

>

Your correct... If you *DO NOT* forward TCP Port 3389 through the router then there is no risk of
outside folks accessing your PC(s) with Remote Desktop. I have used Remote Desktop in the past for
exactly the purpose you want to do, ie. run a headless PC (no monitor). It worked very well for
that. An alternative is a KVM switch.

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...


"Cliff Lewis" <clewis@gwis.com> wrote in message news:c7g68111vrbi8msnlpeu5mjb5rc9n071q0@4ax.com...

>I have two computers at home. I want to use Remote Desktop to access
> one computer from the other while the video card is being shipped to
> the factory for warranty replacement. They share a connection to the
> Internet through a router, which has a firewall. Am I correct in
> believing that there is no security risk from outside? The only way
> there could be is if Remote Desktop somehow allowed access through the
> router's firewall.
>
> On Wed, 11 May 2005 19:57:31 -0500, "Sooner Al [MVP]"
> <SoonerAl@somewhere.net.invalid> wrote:
>

>>If you access/control your PC from a remote location and do not use a password to login then your
>>opening up your PC to a potential and probable security risk. I suggest you always use a strong
>>password...

>