Transcript Secure Connection to Your Windows XP Pro

Secure Connection to Your Windows
XP Pro Computer Anytime, Anywhere
Present by
Vuong Phung
Operating Systems Administrator
for
The CATS 2005 Conference
Network & Computer Service Center (NCS)
College of Science – San José State University
Why?







Access to your computer anytime from
anywhere (where Internet connection is available)
Transfer files or copy and paste documents
between two computers
Print to a local printer
Better than TightVNC/VNC
Cost $0
Secure
Easy to implement
One of the Working Scenario
SSH Server
Internet
1. SSH tunnel connection
2. RD connection
XP Pro SP2
Campus Network
Windows/Mac OS X/*NIX
Requirement




One XP Pro SP 2
computer
One static IP address
One SSH account on
the network where this
computer resides
I will refer to this
computer as the XP Pro
computer




A Windows 95/98/Me/
NT/2000/XP/Mac OS X/
*NIX computer
A free Remote Desktop
Connection software for
non-XP computer
A free Putty SSH client
software for Windows
I will refer to this
computer as the
Remote computer
Action Overview
1.
2.
3.
4.
5.
Gather information and write it down
Configure the XP Pro computer
Configure the Remote computer
Attempt to make the first remote
desktop connection
Make the connection even more
secure
Gather Information
1.
2.
3.
The static IP address of the XP Pro
computer
The static IP address/DNS name of
the SSH server that you will connect to
The SSH account username and
password
Configure the XP Pro Computer
1.
2.
3.
4.
5.
Update and patch Windows
Verify to make sure it has a static IP
address
Turn on the Remote Desktop option
and allow at least one remote user
Turn off the XP firewall
Verify that port 3389 is listening
Configure the Remote Computer
1.
2.
3.
4.
5.
Update and patch Windows
Download and install Remote Desktop
Connection for non-Windows XP computer
Download and install DigestIT 2004
software
Download and verify Putty software
Configure Putty software (Mac OSX and
*NIX uses built-in SSH command)
Attempt the First RD Connection
On the Remote computer
1.
2.
3.
Use the Putty software to connect to the
SSH server and logon with the provided
username and password (Mac OSX and
*NIX uses ssh –2 –L 3388:your-XP-Pro-IP:3389
username@your-SSH-server)
Use the Remote Desktop Connection
software to connect to “localhost:3388”
Logon to the XP Pro computer for the first
time
Secure the Connection Further
On the XP Pro computer
1.
2.
3.
Change the default listening port 3389
to another port
Turn on the XP firewall
Set the XP firewall to accept only the
remote desktop connection traffic from
the SSH server
Resources
How To on my website
http://ncs.science.sjsu.edu/vphung/index.php?How_To
Microsoft website
Remote Desktop Connection software for Windows and Mac OS X
http://www.microsoft.com/windowsxp/downloads/tools/rdclientdl.mspx
http://www.microsoft.com/mac/otherproducts/otherproducts.aspx?pid=remote
desktopclient
How to change the listening port for Remote Desktop
http://support.microsoft.com/kb/306759/EN-US/
SSHWindows website
To run your own SSH server on your Windows XP Pro computer
http://sshwindows.sourceforge.net/