Controlling LAN Access to my Remote Desktop?

Hi There,

I have a PC that is running on a local area network, that I use as the main
server. I connect to this regularly and use it as my main stay PC. It has
all my documents and files, etc etc on there. Just recently I have been
advised that other people on the LAN may be able to access the Remote
Desktop of my server. I've done all the obvious stuff like use a password
that is 'hard to guess' and one that 'means nothing in particular' etc, but
is there anything else I can do in order to further secure access to my
Remote Desktop? Like only allow users with a specific IP address to
connect, or by any other means that will make it more secure that it is
already? The server who's Remote Desktop I use, is running Windows XP Pro,
and so is the computer I access it with. I would appreciate any comments or
suggestions that could make my Remote Desktop more secure on the LAN.

Oh one other thing has croped up recently too. I was told that Windows XP
Pro has a built-in defaut admininstrator account. To my knowledge I have
never changed the password of this, so can anyone tell me what the default
password is likely to be and how I go about changing that as well...

Thanks Steve

Probably your admin password has either no password at all or it's "admin"
or "password".
You should be able to use a firewall such as ZoneAlarm Pro to protect you
machine. This can, as you need, set IP address level protection. The only
issue is that someone might spoof the IP address and get past this!

Paul DS.

"Paul D.Smith" <(E-Mail Removed)> wrote in message
news:422de0c9$0$10946$(E-Mail Removed). net...
> Probably your admin password has either no password at all or it's "admin"
> or "password".
> You should be able to use a firewall such as ZoneAlarm Pro to protect you
> machine. This can, as you need, set IP address level protection. The
> only
> issue is that someone might spoof the IP address and get past this!
>
> Paul DS.
>

So there is 'NO easy way in' without knowing the password of Remote Desktop
connection?

Spess

Spess wrote:
> Hi There,
>
> I have a PC that is running on a local area network, that I use as
> the main server. I connect to this regularly and use it as my main
> stay PC. It has all my documents and files, etc etc on there. Just
> recently I have been advised that other people on the LAN may be able
> to access the Remote Desktop of my server. I've done all the obvious
> stuff like use a password that is 'hard to guess' and one that 'means
> nothing in particular' etc, but is there anything else I can do in
> order to further secure access to my Remote Desktop? Like only allow
> users with a specific IP address to connect, or by any other means
> that will make it more secure that it is already?

Not within widows.
You would need to filter traffic on the LAN which you probably don't have
the kit to do.

> The server who's
> Remote Desktop I use, is running Windows XP Pro, and so is the
> computer I access it with. I would appreciate any comments or
> suggestions that could make my Remote Desktop more secure on the LAN.
> Oh one other thing has croped up recently too. I was told that
> Windows XP Pro has a built-in defaut admininstrator account. To my
> knowledge I have never changed the password of this, so can anyone
> tell me what the default password is likely to be and how I go about
> changing that as well...

Right click on "My computer" and select manage.
Go to the local users section and find the administrator account.
Right click on that and change the password.
--
Alex

Hermes: "We can't afford that! Especially not Zoidberg!"
Zoidberg: "They took away my credit cards!"

www.drzoidberg.co.uk
www.sffh.co.uk
www.ebayfaq.co.uk

"Dr Zoidberg" <AlexNOOOOO!!!!@drzoidberg.co.uk> wrote in message
news:(E-Mail Removed)...
> Spess wrote:
>> Hi There,
>>
>> I have a PC that is running on a local area network, that I use as
>> the main server. I connect to this regularly and use it as my main
>> stay PC. It has all my documents and files, etc etc on there. Just
>> recently I have been advised that other people on the LAN may be able
>> to access the Remote Desktop of my server. I've done all the obvious
>> stuff like use a password that is 'hard to guess' and one that 'means
>> nothing in particular' etc, but is there anything else I can do in
>> order to further secure access to my Remote Desktop? Like only allow
>> users with a specific IP address to connect, or by any other means
>> that will make it more secure that it is already?
>
> Not within widows.
> You would need to filter traffic on the LAN which you probably don't have
> the kit to do.
>
>> The server who's
>> Remote Desktop I use, is running Windows XP Pro, and so is the
>> computer I access it with. I would appreciate any comments or
>> suggestions that could make my Remote Desktop more secure on the LAN.
>> Oh one other thing has croped up recently too. I was told that
>> Windows XP Pro has a built-in defaut admininstrator account. To my
>> knowledge I have never changed the password of this, so can anyone
>> tell me what the default password is likely to be and how I go about
>> changing that as well...
>
> Right click on "My computer" and select manage.
> Go to the local users section and find the administrator account.
> Right click on that and change the password.
> --
> Alex
>
> Hermes: "We can't afford that! Especially not Zoidberg!"
> Zoidberg: "They took away my credit cards!"
>
> www.drzoidberg.co.uk
> www.sffh.co.uk
> www.ebayfaq.co.uk

Now then, in this section, I have 6 separate user accounts as follows;

Administrator
ASPNET (ASP.NET Machine Account)..... Anyone know what this is for?? Can I
delete it?
Guest
Help Assistant
My.Name (This Account is in my own name)
SUPPORT_388653a0 (This one says vendors account for help and support).. Can
this one go too?

Or more to the point, can I get rid of all of them except the one in my
name?

Thanks
Spess

Spess wrote:
> "Dr Zoidberg" <AlexNOOOOO!!!!@drzoidberg.co.uk> wrote in message
> news:(E-Mail Removed)...
>> Spess wrote:
>>> Hi There,
>>>
>>> I have a PC that is running on a local area network, that I use as
>>> the main server. I connect to this regularly and use it as my main
>>> stay PC. It has all my documents and files, etc etc on there. Just
>>> recently I have been advised that other people on the LAN may be
>>> able to access the Remote Desktop of my server. I've done all the
>>> obvious stuff like use a password that is 'hard to guess' and one
>>> that 'means nothing in particular' etc, but is there anything else
>>> I can do in order to further secure access to my Remote Desktop? Like
>>> only allow users with a specific IP address to connect, or by
>>> any other means that will make it more secure that it is already?
>>
>> Not within widows.
>> You would need to filter traffic on the LAN which you probably don't
>> have the kit to do.
>>
>>> The server who's
>>> Remote Desktop I use, is running Windows XP Pro, and so is the
>>> computer I access it with. I would appreciate any comments or
>>> suggestions that could make my Remote Desktop more secure on the
>>> LAN. Oh one other thing has croped up recently too. I was told that
>>> Windows XP Pro has a built-in defaut admininstrator account. To my
>>> knowledge I have never changed the password of this, so can anyone
>>> tell me what the default password is likely to be and how I go about
>>> changing that as well...
>>
>> Right click on "My computer" and select manage.
>> Go to the local users section and find the administrator account.
>> Right click on that and change the password.
>> --
>> Alex
>>
>> Hermes: "We can't afford that! Especially not Zoidberg!"
>> Zoidberg: "They took away my credit cards!"
>>
>> www.drzoidberg.co.uk
>> www.sffh.co.uk
>> www.ebayfaq.co.uk
>
> Now then, in this section, I have 6 separate user accounts as follows;
>
> Administrator
> ASPNET (ASP.NET Machine Account)..... Anyone know what this is for??
> Can I delete it?
> Guest
> Help Assistant
> My.Name (This Account is in my own name)
> SUPPORT_388653a0 (This one says vendors account for help and
> support).. Can this one go too?
>
> Or more to the point, can I get rid of all of them except the one in
> my name?
>
Just change the password on the administrator and disable the guest and
Support account.
I'd leave the ASP one alone as you will probably break any web hosting you
have on the machine if you disable that.

--
Alex

Hermes: "We can't afford that! Especially not Zoidberg!"
Zoidberg: "They took away my credit cards!"

www.drzoidberg.co.uk
www.sffh.co.uk
www.ebayfaq.co.uk

[snip]
> So there is 'NO easy way in' without knowing the password of Remote
Desktop
> connection?
>
> Spess
>
>
>
Not that I know of - but don't take that to mean there isn't, after all it
is a Microsoft product!

Paul DS.