said by Raphion :

Every step stumps me. Now I made accounts without spaces, and tried again, and PuTTY says "Network error: Software caused connection abort". This is why I say VPN or any other tunneling system is way over my head. :hmm:

said by YqE41k24 :

That's why in the link above, they say that this exploit is more viable with DNS than without. This isn't the kind of attack you'd run into at a coffee shop or public internet (unless you think the ISP is hosting the attack).

I wouldn't leave anything like in service all the time either.

said by YqE41k24 :

This article describes one vulnerability to Windows Remote Desktop. It sounds real, but an attacker would have to be pretty determined to get anywhere with it.

»www.xatrix.org/article.php?s=1943

I don't think there's any practical problem with using RDP over a clear channel (unless you are worried about targeted corporate espionage...). But taken from a system perspective, why would you want to? A better system design is to use a VPN-capable firewall to protect you from snooping and your inner equipment from the internet. You could use straight RDP, but it's better to have a secure entre into your lan through one path instead of opening one-off paths with firewall rules for protocol-specific ports.

said by Raphion :

Well I'm trying CopSSH, but I can't activate my user account. I was able to activate administrator, but not an account that I actually use. It tells me the account does not exist, even though it just listed it. :huh:

The account name in question has a space in it, does the space break this? :hmm:

said by Anav :

Lets go back to the original question, no one here seems to use RD by itself. Is it not secure? If that is all one has, what precautions/practices should one exercise?????

said by jig :

i'm wary of limiting my connection to me having to carry a large key around in my pocket. i can't memorize it, but i can lose it in a way that gives access to another...

said by Flaubert :

I was just looking at the link posted above about Windows remote connections and it looks like there's a way of encrypting the traffic between the client.

What gives?

said by Flaubert :

So you're saying:
a- Install CopSsh on the server.
b-Install Tunnelier on the client.
c -Forward only port 22 to my private IP ??

Sorry if I seem a little slow but there are a couple of things I need explained:

The parameters you've entered in Tunnelier
under "Host" and "Port"
On the "Login" tab:
I am not on a Domain, so should I just enter my Wan ip on there if I connect from outside my Llan?
On the Options tab:
Do I have to enter the same parameters as yours?

And also, could you be a little more specific on how to create those 2048 bit public/private keys?
I tried reading your openbsd link but I didn't understand it.

Thanks anyway for your help so far. I know a lot more than when I started this thread....

said by Flaubert :

So you're saying:
a- Install CopSsh on the server.
b-Install Tunnelier on the client.
c -Forward only port 22 to my private IP ??

Sorry if I seem a little slow but there are a couple of things I need explained:

The parameters you've entered in Tunnelier
under "Host" and "Port"
On the "Login" tab:
I am not on a Domain, so should I just enter my Wan ip on there if I connect from outside my Llan?
On the Options tab:
Do I have to enter the same parameters as yours?

And also, could you be a little more specific on how to create those 2048 bit public/private keys?
I tried reading your openbsd link but I didn't understand it.

Thanks anyway for your help so far. I know a lot more than when I started this thread....