Remote into a file server, then...

[Swishbish33]

Hey guys, quick security question because I don't want to screw this up and leave my computer open to attacks, and I'm not as up on this stuff as I should be.

I have a cable modem connected to a D-Link 614+ router that in turn has 3 computers connected to it. One of these computers is half file server, half PVR running XP Home (yeah, its not Pro, but it was cheaper). I want to be able to remote connect to the file server (runs 24/7 on standby when not recording) through UltraVNC (or something similar) and then wake my other computers through the remote connection in order to pull files off of the other computer. Is this possible? How would I set this up? Is it the best way to do it?

I am open to other suggestions of how this is done, but I want to use the file server as the remote "jumping off point" to the rest of my network when I am away on business since money is tight and I want to try to use my existing setup. I thought I read somewhere that the Linksys WRT54G is capable of VPN, or can pass it through to an OpenVPN setup? Maybe I am way off base with what I can do with my current setup? Any help is greatly appreciated.

I want to secure the network as much as possible. I know that XP isn't the greatest for servers, but it's all I've got unfortunately.

Thanks a ton guys.

 

[Private Citizen]

VPN is the way to go. VPN through your router and use something like VNC or remote desktop to control the machines. Easy setup.

 

[Ockie]

you can also use logmein.com it's not only free but you don't need to make any changes to your firewall.

 

[Swishbish33]

So I would just VPN passthrough on the server and set up a VPN on the file server? I'm still a little confused on how a VPN would work without a router capable of VPN...

 

[ccarrigan]

So I would just VPN passthrough on the server and set up a VPN on the file server? I'm still a little confused on how a VPN would work without a router capable of VPN...

You'd do a VPN passthrough on the router, and setup VPN access on the server. You'd need to forward port 1723 to the server and make sure your router can pass through those packets (not sure of your model).

 

[YeOldeStonecat]

Remote Desktop is quite secure when setup properly, as can PcAnywhere and VNC be too.

 

[Swishbish33]

Yeah, I was browsing through UltraVNC's forums and saw that you can encrypt your transmissions between the host and client. I'm not so worried about people seeing what I'm going to be doing, as it isn't top secret, but I am worried about leaving the server open to intruders. Hence the reason I want to only expose ports on the router for only one of the computers, then use remote access across the LAN from the file server to the other computers.

 

[YeOldeStonecat]

Hence the reason I want to only expose ports on the router for only one of the computers, then use remote access across the LAN from the file server to the other computers.

Just remember to secure stuff. Any services that are made available through the firewall...make sure they are secure. So if running a remote control application, like VNC or PcAnywhere..make sure you at least have a nice secure password for that host service.

THEN

Make sure you keep your workstation/server in "Locked Workstation" mode...meaning...once you "get into" the remote application..your next step is to send a ctrl+alt+del request to the computer and log into windows. So makes sure any accounts on the computer have good passwords...especially the Administrator account. And set VNC or PcAnywhere to "lock workstation" after disconnect.

This way..you have 2x layers to log into.

 

[Swishbish33]

Good info. Thanks guys.

I've been reading a little into using an old box (Pentium II, etc) to run a Linux firewall distro (Smoothwall? m0n0wall?) and using it as my router. Any good sources of info on how to do this? I have questions about the hardware side of it, mostly about how to make it wireless, etc.

Thanks a ton guys. I'm a complete noob with Linux routers.