I use hamachi for a quick free remote VPN and use remote desktop frequently over it. I don't know if it runs on mac or linux, but at least on windows based machines I recommend it. I can have remote desktop without having to open ports.
I can't get madmans solution to work. The ssh connection to my wrt is no problem, works like a charme, but I can't rdp to my pc at home (Win XP -> WRT -> Win XP) . Did everything as madman suggested (PuTTY v0.58 ) :
...
- connection -> SSH -> Tunnels
- source Port: 3389
- Destination -> <ip_address_of_windows_client_I_want_to_rdp_to>:3389
- press add
...
But it looks like putty is not listening on port 3389. Netstat -an does not show 127.0.0.1:3389 at all. So rdp to "localhost" does not go into the tunnel, instead it really rdp's to localhost, which is btw. a funny thing Usually rpd cannot connect to localhost, except you run it in win98 compability mode (save all open files before you try that) ;-)
Hi folks,
I'm new in this forum, so I say hi again.
I have tried the login via putty. In putty I have to type my login-name. I write the name, witch I Use for the GUI-Login in the Configuration-Page of my WRT.
Then in Putty I see 'username@dyndns-address:' and I have to type the password.
But if I use this, witch I use for login in the Configpage of my WRT, then Putty say 'Access denied'
Is there a different Username and/or Password for SSH-Login?
Best Regards,
Harry
[edit] Have I to make any configuration in the 'Services'-Tab under SSHd?
Hi folks,
I'm new in this forum, so I say hi again.
I have tried the login via putty. In putty I have to type my login-name. I write the name, witch I Use for the GUI-Login in the Configuration-Page of my WRT.
Then in Putty I see 'username@dyndns-address:' and I have to type the password.
But if I use this, witch I use for login in the Configpage of my WRT, then Putty say 'Access denied'
Is there a different Username and/or Password for SSH-Login?
Same problem for me!
I write the username (example admin) and then it prompt for the password.
I write password and always says "Access denied"!
While SSH-Tunnels/VPN are a great way to accomplish what you are after, there are devices that can detect these types of tunnels and kill them. And as time goes, more and more companies are starting to use these in their network, they are called Intrusion Prevention Systems.
If you don't understand or believe me, research TippingPoint, I used to be an Engineer for 3com's Security devision "TippingPoint"
If you want to be able to access your Home network from anywhere, ESP remote Desktop the best way is to Port Forward the RDP port out to each desktop.
For example, We are going to use the following Range to setup RDP to 10 Boxes in your Network using DD-WRT.
Goto NAT>Port Forwarding
Add 10 Entries
External Port is going to range from 4000 - 4010
Internal Port is always going to be 3389
Internal IP address is going to be that of the Machine you are Targeting
Ext-Port Int-Port IP
4000 3389 192.168.1.25
The above is an Example of what you are going to end up with.
Now when you are done with your Forwarding, you will now be able to access RDP using MSTSC.EXE and the following Entry;
IP:Port_Number
So;
68.72.140.23:4000 <- That would get Entered into MSTSC and you will access whatever box is being forwarded on 4000
While I do love Logmein.com, I cannot suggest it on a GNU forum, its not secure, and anyone how knows how to manipulate that Client can access your server.
That and Web sense can and will Block the "Keep ALive" session between your Server's Client and the Logmein.com Server's Service. Its just not a feasible Solution for someone who needs to access their Home systems for private business needs.
Anyway, thats why I had to add to this post, there are some things you need to consider when opening RDP/Remote access into your home network on the scale of what you are talking about.
Also, make sure you always use Class4 Passwords on any account that is setup for Remote access, it will make the brute force attacks less likely to get through.
Posted: Sat May 16, 2009 22:28 Post subject: Security?
1) what about security? (gimme your IP with opened RDPs and Ill show ya )
2) what if only web-ports are alowed?
3) even sonicwall is not able to identify and block some appz (aka encrypted torrentz, skype, ....) U sure that "TippingPoint" is?
Hey everyone. Long time observer but this is one of my few posts. Love the wealth of information.
I know that this is an older post but, for added security, why not change the port that RDP connects to like in this article?
I just thought to bring this up because many I've read up that many hackers usually look to that port since many people don't think twice about the implications of activating RDP.
Joined: 06 Jun 2006 Posts: 3763 Location: I'm the one on the plate.
Posted: Tue Aug 18, 2009 1:05 Post subject:
Grimwald wrote:
I know that this is an older post but, for added security, why not change the port that RDP connects to like in this article?
Port address translation done by the router that jmounts mentioned accomplishes the equivalent, and also allows for connections to multiple discreet computers on the LAN.
Thanks, I noticed that after I posted.
Right now I am reading through the post but am having a strange problem that is probably pretty simple to solve. I have logged into my router and woke up the PC, but when I try to RDP into it the connection is refused.
I ran wget on google (I'm at work) and I got:
Connecting to www.google.com (74.125.53.106:80). I'm rather new at this so bear with me.
I am reading through the posts, do I have to forward any ports or configure anything else?
I did change the port on my target machine.