Remote Users

Remote users constitute a predominant portion of Microsoft’s user base.
Windows XP and Windows 2000 Server offer the capability for other Windows users to log into the “remote desktop” of another machine from
a laptop computer. What is most interesting is that while either a Windows
2000 Server or Windows XP Professional computer can offer
remote desktop services, almost any other Windows version can install a
client and log into the remote machine from either a dial-up line or a
high-speed Internet connection.
Microsoft is working to bridge the gap between the Macintosh and
Windows environments. In so doing, Microsoft has created a virtual
remote desktop client for any Macintosh computer running Mac OS X
10.x or above. This client allows the Macintosh to connect to any Windows
XP Professional or Windows 2000 server running “Terminal Services,”
the service that allows remote desktop sharing.
In terms of security, it can easily constitute a vulnerability to the target
server. The reason is that all communication takes place on Port
3389, so if you know the port you can attack the target machine with a
variety of usernames and passwords in an attempt to breach security
and gain access. Furthermore, if you know which machine you are hacking
into, you might already know the account username. However, in
most cases, a hacker will simply target the “administrator” account
because that exists on every machine. The hacker need only keep hacking
into the machine to find the password for this account.
Securing the remote connection Microsoft has officially recommended
the use of VPN solutions for any remote type of connection. This
means that both PPTP and L2TP VPNs provide strong security for any
user attempting to perform business transactions across the “unsecured”
Internet.