Home » 6 Tips for Safer Remote Work with Computers! -Learn random passwords, change port numbers, and check login records once | T Kebang

6 Tips for Safer Remote Work with Computers! -Learn random passwords, change port numbers, and check login records once | T Kebang

by admin
6 Tips for Safer Remote Work with Computers! -Learn random passwords, change port numbers, and check login records once | T Kebang

The remote working situation brought about by the epidemic has become the new normal for many people, but not everyone can easily adapt or switch to the Work From Home mode. After all, in the past, we may have stored a lot of If the necessary information has to be completely converted to online access all of a sudden, it is actually not as simple as imagined, so the application of “remote control” has become the most convenient and popular option.

However, the remote connection means that it must pass through an open network, and passing through the network means that there will be potential security risks, especially if the computer with the remote desktop function is turned on, it is equivalent to taking control of the system without reservation are exposed to the vast Internet, so users must take appropriate measures to prevent data leakage or intrusion by others.

In this special project, the author uses three sets of popular remote control software, namely AnyDesk, Chrome Remote Desktop and Windows Remote Desktop, to demonstrate the key and important security-related options among these tools. , to further help readers reduce information security risks.

The dangers of working remotely

In the computer field, remote control is a technology with a long history of development, but it is also the most likely channel to cause data leakage and privacy risks. Especially in recent years, remote work has become the new normal. In order to meet the needs of employees, companies have greatly relaxed the relevant restrictions on remote control, allowing hackers to take advantage of the opportunity to steal data or damage the system, and related information security issues have therefore surfaced. mesa.

In order to take into account the convenience and security of remote control, we can actually keep in mind several basic information security concepts, create a low-risk use environment, and seek a balance between the two.

Separate user permissions

As far as the operating system is concerned, the user is only allowed to operate as many actions as the administrator grants. Therefore, as long as proper authority control is done, it is possible to prevent wrong people or programs from accessing files that they should not handle. .

Before performing remote operations, users should plan in advance which data can be remotely accessed and which data cannot be accessed, whether it is restricting the data itself or setting the user’s permissions, as long as it can be achieved The same effect, even if it takes time and effort, should be done as much as possible, because this is the most effective guarantee for information security.

Wherever you go, you must leave a record

When we need to control the computer through a remote connection, it usually means that the user is not in front of the device at the moment, and during the period when the computer is waiting to be controlled, if someone else operates the device through a remote or direct method, then there is Users deserve to be notified that their computer has been accessed by someone else.

As the saying goes, wherever you walk, you will leave traces. As long as you know how to check whether your computer has been connected, logged in, and accessed at any time, it will be of great help to improve privacy and security.

See also  Since around autumn 2023

Antivirus check is necessary

Remote control involves communication between two devices. In addition to manual operations by users, there will be many operations that we cannot see between devices. Therefore, anti-virus software is used to check these non-manual operations. , Blocking the spread of malicious programs such as viruses and Trojan horses is the easiest way to improve information security.

After Windows 8, Microsoft has preset Defender anti-virus software for the system, so that most computers have a certain degree of security. Just remember to regularly perform updates, anti-virus and other operations on the master and controlled devices, that is, A low-risk remote connection environment can be created.

Let AnyDesk always jump out of the authorization query window

Most of the remote desktop software on the market will require the connection end to provide an account number and password before they can access the data on the controlled end computer. However, AnyDesk does not enable the password function by default, as long as the ID can be used to connect Wire. Under normal circumstances, when the remote computer receives a connection request from the master, AnyDesk should automatically pop up a notification reminder, but if the user finds that the window is not displayed at all, he can restore it to the default through the settings and clear the original The authorization information given can effectively improve the privacy and security of using AnyDesk, and prevent the computer from being controlled by others in the background without knowing it.

Step 1. After opening the main screen of AnyDesk on the controlled computer, click the icon with four lines in the upper right corner, and press “Settings”.

Step 2. Then find “Security” in the left column of the settings, and click “Unlock Security Settings” on the right.

Step 3. Change the options in the “Interactive Access” block, click “Always show requests to join sessions”.

Step 4. Then uncheck “Allow other devices to store login information for this desktop” in the “Permissions” block, and then click “Clear all tokens”.

Step 5. Then pull down the screen and uncheck the two options in the “Exploration” block, so that the only way to connect to the computer via ID is to further improve security.

Set complex passwords for AnyDesk unattended

When AnyDesk’s unattended setting is enabled for remote connection, the software will require the user to create a password for identity verification. Considering security, AnyDesk officials strongly recommend that the length of this set of passwords should be at least 12 characters, and preferably contain letters, numbers, and symbols. At the same time, it should not be words with clear meanings, and there should be too many repeated or continuous combinations. Faced with such strict requirements, it is recommended that users use the “random number generator” to create passwords. If there is no additional password management software installed, then the author recommends using the official online tools provided by LastPass to easily generate high-strength passwords.

LastPass Password Generator
Tool URL: https://tinyurl.com/yktb3dr4

Step 1. After opening the main screen of AnyDesk on the controlled computer, click the icon with four lines in the upper right corner, and press “Set password for unattended access”.

Step 2. Then open the password generator web tool provided by LastPass, first adjust the password length to more than 12 characters.

Step 3. Then change the middle option to “All characters” to set the most complex password combination.

Step 4. Then click the refresh icon in the upper right corner, and click “Copy Password” to copy the password.

Step 5. Go back to the AnyDesk screen and paste the random number password generated by the web tool. As long as it is complex enough, it should display “This password is very safe” and continue to complete the setting steps.

Allow AnyDesk remote operation to leave a video record

In order to determine who has ever connected to the computer via remote mode and what operations have been performed on the system during the unattended period, AnyDesk provides a built-in video recording function, as long as the controlled terminal is turned on, a video file will be automatically generated. It fully presents the various behaviors of the computer connected to the user after being remotely controlled. In addition, the master control terminal can also record video synchronously during the connection out process, and can also leave a record for the user to review. However, the video file generated by AnyDesk is in a proprietary format. If it is to be played back, it must be processed by the software itself, and third-party players cannot be used.

See also  What about Android apps that Windows 11 says?Microsoft is silent

Step 1. After opening the main screen of AnyDesk on the controlled computer, click the icon with four lines in the upper right corner, and press “Settings”.

Step 2. Then find “Recording” in the left column of the settings, and tick the two check boxes on the right, so that whether you are remotely controlling others or being controlled by others, you will be able to archive the video.

Step 3. Click “Unlock Recording Settings” and tick the check box in the recording section, so that the system will start recording as long as the remote connection is established, regardless of whether the user has logged in or not.

Step 4. To watch the video recorded during remote control, click the icon with four lines in the upper right corner of the main screen of AnyDesk, and press “Session Recording”.

Step 5. Then you can review the operation process of each remote control/remote control of the computer, and notice that the video file name is in a proprietary format, and only AnyDesk can play it correctly.

Make Chrome Remote Desktop only available over local network or VPN

Due to the simple and easy-to-use interface, many people use Chrome’s remote desktop function to easily connect back to their computers at work or at home. However, for the enterprise environment, the remote control of the system itself represents a risk. In order to ensure security, it is actually more secure to use related functions with a VPN. Chrome remote desktop can directly disable the firewall traversal by adding a machine code, so that the computer can be controlled by the remote control within the local area network, or can only establish a connection through the VPN connected to the intranet. This isolates the external network and minimizes information security risks.

Step 1. First press the “Windows+R” key combination on the controlled computer to call out the execution window, and then enter “regedit” to open the login editor program.

Step 2. Then find “SOFTWARE” under the “HKEY_LOCAL_MACHINE” key.

Step 3. Find “Policies” under “SOFTWARE”, click the right mouse button to expand the menu, find “Add”, “Code” and name it “Google”.

Step 4. Add another “Chrome” code under “Google”, then in the right window, click the right mouse button and click “Add”, “DWORD (32-bit) value”.

Step 5. Name the value “RemoteAccessHostFirewallTraversal”, and keep the value at “0”.

Change the connection port number of the Windows remote desktop

The remote desktop function built into Windows for a long time can be said to be one of the most coveted attack targets of hackers. After all, it has a long history of development and related vulnerabilities are easy to be caught. To improve security, you still have to rely on correct settings and usage habits. If you are opening or planning to use the Windows remote desktop, it is recommended that the connection port number of the controlled terminal must be changed, because the hacker attacks on the default connection port are usually the most frequent and the largest, so if you can Avoiding it in advance will naturally reduce the risk of being invaded.

See also  WhatsApp Introduces Shortcut to Start Conversations with Unknown Contacts on Windows Beta

Step 1. The default connection port of Windows Remote Desktop is 3389. Hackers usually like to carry out frequent attacks on this port, so it is necessary to change it.

Step 2. Open the login editor program on the controlled computer, and find the “SYSTEM” under the “HKEY_LOCAL_MACHINE” machine code.

Step 3. Then continue down to find “Control” in “CurrentControlSet”.

Step 4. Find “Terminal Server” in “Control”, and then go to the “WinStations” key.

Step 5. Click “RDP-Tcp” in “WinStations”, and then find “PortNumber” on the right to switch the numerical data to decimal, and change 3389 to a port number that will not conflict with other services.

View the login records of Windows remote desktop

Although the remote desktop function built into Windows is very convenient to enable and operate, it cannot know who has connected to the computer in the past in an intuitive way like third-party software, and even what they used. Login as. In this regard, if we want to obtain this information, we must use another built-in function of Windows, “Event Viewer”, to browse through audit events and further filter keywords and view detailed information. If the Windows remote desktop is running on the user’s computer, it is recommended to read the records from time to time to confirm whether there are any abnormal connection and login behaviors in the system.

Step 1. First, right-click on the Windows icon on the taskbar and find “Event Viewer”.

Step 2. Then find “Security” under “Windows Records” on the left column, and you will see all the kernel records of the system.

Step 3. Click “Filter Current Records” on the right column, and enter “4624” in the event ID field to filter.

Step 4. The audit records displayed after filtering the event identification codes will theoretically be records of user login success or failure, and you can click one to open detailed information.

Step 5. If the displayed code is “10” in the “Login Type” of “Login Information”, it means that the event is generated by a remote desktop connection. If there is an unknown login, it should be dealt with as soon as possible.

This article was simultaneously published in PC home magazine

Welcome to join the PC home magazine fan group!

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy