How To Secure Remote Access On Server 2003?

Introduction

Remote access is the process of connecting your computer to another machine on a network, over the Internet or any other public or private network. Once connected to another machine, you can usually run programs and get access to data stored on that machine. There are many connection methods available in Windows Server 2003, which allows users to connect their computers with the remote server.

Server 2003 provides three main ways for remote connections

Following are some of the ways by which you can connect your desktop PCs with Remote Desktop Services in Windows Server 2003

· Console Session (Direct cable)

· RDP Sessions

· Virtual Private Networking (VPN)

Option 1: Console session :-

This is the simplest way to connect your desktop with a remote server. You can simply use a null modem cable or USB-to-Serial adapter to connect the console port of the computer running Windows Server 2003 with the console port on another PC, using HyperTerminal (included in all versions of Windows)

Option 2: RDP Sessions :-

You can use the Remote Desktop Connection program that comes with Windows Operating System to establish a connection with another computer running Remote Desktop Services. In this mode, you can either connect directly from your desktop to another machine running Terminal Server, or from your PC to an NT 4 Server and then from there connect to another machine running Terminal Services.

Option 3: Virtual Private Networking (VPN) :-

VPN provides a way for individuals using public networks such as the Internet to securely access a corporate intranet. A VPN client uses special TCP/IP-based protocols to tunnel data from an application on one computer through an encrypted connection established by a virtual private network server program running on another computer located somewhere on the Internet. In this mode of remote connection too ,the user who is trying to login needs to have a valid username and password.

Steps to Secure Remote Access on Server 2003

1. First of all you need to login to the server with a valid username and password using a remote desktop connection or console session . Once you are logged in, click on the Start button , then go to Administrative Tools > Terminal Services Configuration.

2. Next step would be to create a new RDP-Tcp configuration under the “Terminal Server Configuration” section. To create a new config click right mouse button on “Configurations” option which is highlighted in blue colour in above figure and choose New > RDP-Tcp option from popup menu which will activate new window

3. Now type in Name for your configuration in the given text box in above figure, once name has been filled just press enter key in keyboard. Then in next window, click on “Client Settings” tab which will activate a new window

4. In this new window, select the option “Require Network Level Authentication”.

5. Now come to Advanced settings and check if both options i.e. Digitally sign communications (always) and Digitally sign communications (if server agrees) are not checked otherwise uncheck them .

6. Once you have done required changes click the OK button , then again go back to Terminal Server Configuration and right mouse click on your created configuration and choose Properties . Then under General Tab which has been activated , just press Ok button and that’s it!!! Your RDP connection is now more secure.

Now you are not able to connect your desktop with the server because of security reasons , but if you really want to access your files stored on the other machine by enabling RDP , then continue reading below .

1. Firstly go back to Administrative tools > Terminal Services Configuration and right mouse click on “Configurations” option which is highlighted in blue colour in above figure and choose New > RDP-Tcp option from popup menu which will activate new window

2. Once new window has been opened , type name for your configuration in given text box under general tab in above figure, once name has been filled just press enter key in keyboard. Then under Client Settings tab tick mark only one option i.e. “Require Credential Security”.

3. Now click on Settings tab which will activate a new window

4. In this step , under Compatibility you need to tick mark one option as shown in above figure by pressing its corresponding button from keyboard i Press F8 button . Once you have done required changes click OK Button , then again go back to Terminal Server Configuration and right mouse click on your created configuration and choose Properties . Then under General Tab which has been activated , just press Ok button and that’s it!!! Your RDP connection is now more secure than before because of credential security enabled.

Now try connecting your remote Desktop by typing IP Address or server name in computer Name field in above window and hit enter key after that type in valid password which you have set when configuring RDP. You will be able to connect with your Server

Conclusion

Remote Desktop Protocol (RDP) is part of the terminal services in Windows Server 2003 and XP Professional. RDP allows you to simultaneously view, keyboard, and mouse control another remote computer. This technique can be used for both troubleshooting other users’ problems as well as running applications on one computer while controlling them from a different computer.