Langa Letter: How To Ensure Remote-Control Security With XP - InformationWeek
10:50 PM
Fred Langa

Langa Letter: How To Ensure Remote-Control Security With XP

XP's built-in Remote Desktop, Remote Desktop Web Connection, and Remote Assistance are great tools, Fred Langa says, but only if you carefully manage their security implications.

Controlling LAN Access
General LAN access likewise has to be managed if the RC PC is on a network: sensitive files on all the LAN's PCs should be locked down (either by setting up file-sharing access via Groups, or at least by using password-level protection). It's probably OK to leave "Shared Folders" generally accessible; that's what they're there for: a remote user usually can drop off or pick up files in a Shared Folder without compromising the general security of a PC. But even the simple Shared Folder offers several security options, as described in "How to disable simplified sharing and set permissions on a shared folder in Windows XP." Use the highest security setting you can, short of making access too hard for normal use.

And, of course, all admin accounts on all PCs and servers on any LAN also should have strong passwords. (Actually, it's simpler to say "all accounts on all systems must have strong passwords," but in the real world, that's probably not going to happen. So: at least the admin-level accounts must have strong passwords.)

The idea in all of the above, of course, is to make it hard for an intruder to discover the PC that can be controlled remotely; and then, if they do discover it, to make it hard for them to actually gain any access to that PC; and, if they do gain access, to make it hard for them to gain potentially harmful privilege levels on that PC; and to make it difficult for the intruder to access the LAN; and if they do get on the LAN, make it hard for them to gain access to other machines or files there.... Whew!

You get the idea: By having so many barriers in the way of an intruder, you can make illicit access highly unlikely in the first place; and then severely constrain potential exposure and damage, even in a worst-case scenario, where someone does hack into an RC PC.

It also helps enormously NOT to leave Remote Control enabled and available, until or unless it's going to be needed. For example, you might turn it on as you're leaving the office, and then turn it off from home when you're done for the night.

And note that in many of the above steps strong passwords are key: An intruder faced with a series of different, unique, difficult, and un-guessable passwords at every access level to a system or LAN faces a much harder task than otherwise. Absent some driving personal motivation, most casual hackers will simply give up and look for easier targets -- and that's what you want. Although in theory almost any system can be hacked, if you make yours much, much harder to get into than the guy next door's, most hackers will go after the easier target.
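The barriers described above can be checked from saved command output. The following is an added example, not part of the original column: it parses abbreviated, constructed output of three built-in Windows commands and reports which barriers are weaker than intended. The `fDenyTSConnections` registry value is the Windows setting behind the Remote Desktop on/off switch; the `MIN_LENGTH` threshold, the `expected_users` list and the sample account names are assumptions.

```python
import re

# Constructed sample output (not from the article) of three built-in commands:
#   reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections
#   net localgroup "Remote Desktop Users"
#   net accounts
REG_OUT = r"""HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
    fDenyTSConnections    REG_DWORD    0x0
"""
GROUP_OUT = """Alias name     Remote Desktop Users
Members
-------------------------------------------------------------------------------
fred
guest-helper
The command completed successfully.
"""
ACCOUNTS_OUT = "Minimum password length:                              0\n"
MIN_LENGTH = 8  # assumed policy floor; the article only says "strong"


def rd_enabled(reg_out):
    """Remote Desktop accepts connections when fDenyTSConnections is 0."""
    m = re.search(r"fDenyTSConnections\s+REG_DWORD\s+(0x[0-9a-fA-F]+)", reg_out)
    return m is not None and int(m.group(1), 16) == 0


def group_members(group_out):
    """Names listed between the dashed rule and the completion line."""
    _, _, tail = group_out.partition("-----")
    return [l.strip() for l in tail.splitlines()[1:]
            if l.strip() and not l.startswith("The command completed")]


def audit(reg_out, group_out, accounts_out, expected_users):
    findings = []
    if rd_enabled(reg_out):
        findings.append("Remote Desktop is enabled; turn it off when not needed")
    extra = sorted(set(group_members(group_out)) - set(expected_users))
    if extra:
        findings.append("unexpected remote users: " + ", ".join(extra))
    m = re.search(r"Minimum password length:\s+(\d+)", accounts_out)
    if m is None or int(m.group(1)) < MIN_LENGTH:
        findings.append("minimum password length below %d" % MIN_LENGTH)
    return findings


if __name__ == "__main__":
    print(audit(REG_OUT, GROUP_OUT, ACCOUNTS_OUT, ["fred"]))
```

An empty list means Remote Desktop is off, only the expected accounts can log on remotely, and the local password policy meets the assumed floor.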

For more information on safe passwords, see "How To Safely Store And Manage Passwords"; we'll also update the information in that article in an upcoming column.

Remote Control Services: Proceed With Caution
Once you start using them, you may wonder how you got along without XP's Remote Control services: I use it literally every day to help manage the PCs in my office.

But you do have to be aware of the security implications, and take proper steps to ensure that only authorized users can access the Remote Controllable PCs. With the information above, you should be able to do just that!

To discuss this column with other readers, please visit Fred Langa's forum on the Listening Post.

To find out more about Fred Langa, please visit his page on the Listening Post.
