A remote access application allows for screen sharing and resource sharing between devices across the network. In this video, you’ll learn about Remote Desktop Protocol, Telnet, SSH, and other remote access technologies.
<< Previous Video: Scripting Next: Main Index >>
One of the most common remote access technologies in Windows is the Windows RDP, or Remote Desktop Protocol. This allows you to view and interact with someone else’s desktop while you’re sitting at your own desk using the network as the communications medium. There are remote desktop services available in many different versions of Windows, making this a very common way to share Windows desktops and other information. RDP allows you to connect And view an entire desktop or you can simply connect to a single application on that desktop. You can connect to remote desktop devices from Windows. But there are also clients available in MacOS, Linux, iPhone, and many other operating systems as well.
Another type of remote access technology that you probably won’t run into very often is Telnet. The stands for Telecommunication Network and it gives you this console based view into another device running over TCP port 23. Telnet is focused on providing this console access so you’ll be working at the command line, if you connect to another device through Telnet. Unfortunately, though, Telnet does not provide any type of encryption of this information as it’s going across the network. So anyone who is able to gather these packets will be able to see the usernames, passwords, and anything else we type into this Telnet console.
Most IT professionals instead use a different form of connecting to a command line through this terminal view, using SSH, which stands for Secure Shell. And the secure part of this is an encrypted console communication using TCP22. It looks and feels exactly like a Telnet session, but all of the traffic going back and forth over the network is encrypted.
There are also many third party tools for remote desktop or remote control of another computer. One very common form is VNC. That stands for Virtual Network computing. VNC uses the RFB protocol, or Remote Frame Buffer, to be able to view a remote desktop on another system. The VNC is very popular and you can find both servers and clients available for many different operating systems.
There are also many commercial versions of these remote control programs. There is some popular ones, such as TeamViewer or LogMeIn that you can install on many different operating systems, as well. These remote control programs can certainly show you the remote screen and allow you to interact with that remote desktop, but there may be other functions available, such as transferring files or printing to or from a remote device.
If you work in a corporate help desk, you rely on this remote desktop functionality to be able to do your job. But there are also a number of security concerns associated with this remote desktop functionality, especially since it gives someone full access to your desktop. If someone performs a port scan of a network and they see that TCP port 3389 is open on a device, then they know that machine must be running Remote Desktop. All they need is the correct credentials to be able to get into that device, and it’s very common to see a brute force attack occur to try to find the right combination of username and password.
Many third party commercial solutions are designed to make it easy to access your system from outside. And this can have significant security concerns, especially if you reuse your username and password. The attackers may already have a list of usernames and passwords that were used on another website. And they’ll simply use those same credentials on your computer, hoping that you’ve reused exactly the same username and password.
Once they have access through this remote desktop functionality, they can perform the same functions that you perform on your desktop. They can gather your personal information. They can log into your bank, because your bank trusts the browser that’s on your computer. And they can try to purchase things using your browser credentials on your local desktop.