Detailed explanation of the Vista network "Weapon spectrum ".

Vista is a personal-oriented operating system, and its network functions are of course not as powerful as those of the server version. But let's not underestimate it. In fact, many practical network tools have been integrated in Vista. The full use of these tools will greatly improve your network experience in Vista. Next, let's take a look at these network "weapons" in Vista ".

1. Remote Desktop

Remote Desktop is a magic network component and is not proprietary to Vista. However, Remote Desktop under Vista is undoubtedly more powerful and secure than any previous version.

(1). Enable

It is very easy to enable remote desktop under Vista: Right-click "computer" on the desktop and choose "properties", and click "remote settings" under "task" on the left ", on the Remote tab, there are three options under Remote Desktop. Click 2nd or 3rd. However, it should be noted that if you select item 2nd "allow computer connection to run any version of Remote Desktop", so that any version of Remote Desktop client can be connected to Vista, there is a certain security risk. If you have high requirements on network security, select "only Allow Remote Desktop Connection with network-level authentication", which is a security option available in Vista. (Figure 1)

Figure 1 system attributes

(2). Security

Enabling Remote Desktop is like opening a door in the system. People can come in, and flies and mosquitoes can also come in. Therefore, we must take proper security measures.

User restrictions: click the "Select User" button under "Remote Desktop", and then click "add" in the "Remote Desktop Users" window to enter the users allowed, alternatively, you can use "Advanced> Search now" to add a user. I suggest that you do not add groups, but add users as needed. It is not safe for many people to add administrators directly. If an attacker remotely obtains a shell, the attacker can log on to the Remote Desktop by creating an Administrator group. If we only allow specific users, users in the Administrator Group cannot log on remotely even if they are not authorized. (Figure 2)

Figure 2 add Remote Desktop

Change port: the default connection port of Remote Desktop is 3389. Attackers can try the connection through this port. Therefore, you need to modify the port during the security period. The principle is that the port number is generally a port after 1024, and it is not easy to guess. To change the connection port of the Remote Desktop, go to the Registry Editor and locate the following registry key:

HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Terminal Server \ WDS \ rdpwd \ TDS \ Tcp

HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Terminal Server \ winstations \ RDP-TCP

Change the value of portnumber on the right to another value, such as 9833. Note that the value is in hexadecimal format. When you change the value, double-click portnumber, click "decimal", and enter 9833. (Figure 3)

Figure 3 modify the Registry

(3). log on

"Start> Run", enter mstesc to open the "Remote Desktop Connection" device. Click "option" and enter the IP address in the text box on the right of "computer". Because the Remote Desktop port is changed, enter the port number 192.168.1.10: 9833. You can also set other options, but I feel that the very practical function is to map the local disk to a remote computer, which is very convenient for file transmission. On the "local resources" tab, click "details" to expand the "Drive" item and select the corresponding disk partition as needed. (Figure 4)

Figure 5 Remote Desktop Connection

After setting, click "Connect". In the Login Dialog Box that appears, enter the user name and password, and click "OK" to log on to Vista Remotely. Prompt: In the Login Dialog box, select "remember my creden", so that you do not need to enter the user and password next time you log on. (Figure 5)

Figure 5 Windows Security

2,Telnet

Telnet is a very useful command line-based remote management tool that allows administrators to complete almost all system maintenance and management work. Although Vista provides a user-friendly remote desktop, telnet, which consumes a very small amount of system resources, has an irreplaceable advantage. Vista does not configure the Telnet component by default. We recommend this network tool.

(1). install and configure

Choose "Control Panel">"Program", Click" enable or disable windows "under" programs and functions ", and select the" Telnet client "option in the" Windows functions "panel list box, click OK to complete the installation and configuration of Telnet. (Figure 6)

Figure 6 Windows functions

(2) start the service

By default, the telnet server is "disabled" and must be manually enabled. In start → search, enter services. MSC open the Service Manager of Vista, find the "Telnet" service item, double-click to open the "Telnet properties" Panel, set the start type to "automatic" or "Manual ", click "application" and then "start" under "service status" to start the telnet service. (Figure 7)

Figure 7 Telnet Properties

(3). remote connection

Open the command prompt (CMD) and enter the command telnet to complete the remote connection. For example, we connect to a host with IP address 192.168.1.10 and run the Telnet command 192.168.1.10. Press enter and enter the user name and password to telnet to the host. Execute all commands on the Telnet interface to complete remote maintenance and management. (Figure 8)

Figure 8 VPN connection

 

3,VPNConnection

VPN (Virtual Private Network) is a reliable remote connection. It is an effective solution for connecting remote users, company branches, and other companies to the company's internal network. The VPN connection client of Vista has been greatly improved compared with the previous version, and the security is higher.

(1). Create a connection

Step 1: Right-click the "network" icon on the desktop and select "properties" to open the "Network and sharing center" of Vista ", click "set connection" under "task" on the left to bring up the network connection setting wizard. Select "connect to work zone" and click "Next", and then click "use my Internet connection (VPN )".

Step 2: Enter the company's VPN Server address (IP address or domain name) in the text box on the right of "Internet address" in the "Enter the Internet to connect" window, and then enter the VPN. *. org, and then enter the target name. You can also set whether to use a smart card, allow others to use the connection, and whether to connect to the VPN immediately. Click "Next", enter the VPN user name and password assigned to you by the company, and click "Connect" to connect to the company's VPN Server. (Figure 9)

Figure 9 VPN connection

(2). Routine Maintenance

After the VPN is established, you can use the dial-up connection method when you need to connect. Click the "Start> connect" menu in sequence. All available edge connections are displayed. Select the corresponding VPN connection in the connection list. Then, you can connect to the VPN network immediately .. However, the management options for dial-up connections in "Connected Networks" are limited. You cannot manage connections more, or even delete an existing connection. How can we manage VPN connections in the "connected network?

First, click the "Open Network and sharing center" link in the "Connect Network" dialog box to enter the "Network and sharing center" window. You can manage "Network Connections", including "RENAME", "delete", "create shortcuts", and "create copies, you can even change the connection settings.

If you want to place the VPN link on the desktop, you only need to select the desired VPN link in the "Network Connection" window, and then click the "Create shortcut" button, the system automatically prompts "Windows cannot create a shortcut in the current location. Do you want to place the shortcut on the desktop, click "yes" to create a VPN shortcut on the desktop. (Figure 10)

Figure 10 VPN connection

(3). FAQs

Sometimes, when a VPN connection is created, all the settings are correct but cannot be connected to the company's VPN Server. This is generally caused by encryption. We only need to cancel data encryption.

Right-click the VPN connection icon under "Virtual Private Network", select "properties" to open the VPN Properties dialog box, click the "Security" tab, and cancel Data Encryption (Disconnect if no data exists). (Figure 11)

Figure 11 VPN attributes

4. Network neighbors

"Network Neighbor" may be the most common network component in Vista, especially in the working group environment, the network sharing between hosts is inseparable. Vista's "Network Neighbor" has obvious changes compared with XP, and is undoubtedly more intelligent. However, to use Vista's network neighbors, you need to perform the following settings.

(1). Return to the desktop

By default, after Vista is installed, there is no "Network Neighbor" on the desktop. We need to ask for it. The procedure is as follows:

Right-click on the desktop and select "personalized". In the displayed window, select "Change desktop icon" on the left ", then, select "network" under "desktop" and click "OK", and then return to the desktop. (Figure 12)

Figure 12 desktop settings

(2). Communicate with XP

In the current Working Group environment, XP hosts account for the vast majority, and many problems occur when Vista hosts and XP hosts are shared through network neighbors. Therefore, we need to do a good job of communication between Vista and XP, so that network sharing channels can be smooth.

Firewall settings: Open "Control Panel", click "allow programs to pass through Windows Firewall" under "security", and under the "exceptions" tab in Windows Firewall settings, check "file and print sharing" and "network discovery. (Figure 13)

Figure 13 Fire Protection Wall settings

Sharing and discovery: Open "Control Panel" and click "set file sharing" under "network and Internet ", check whether network discovery, file sharing, printer sharing, and other sharing methods under sharing and discovery are enabled. (Figure 14)

Figure 14 Sharing settings

Group Policy Settings: Enter gpedit in "Start> Search. choose "Computer Configuration> Windows Settings> Security Settings> Local Policies> Security Options" in the Group Policy Editor, and double-click "network access: share and security model of the local account, and set it to "classic-authenticate the local user without changing its original identity ". Double-click "allow console logon only for local accounts with blank passwords" and set it to "disabled ". (Figure 15)

Figure 15 enable local security settings

Account-related: You can create a user and set a password for shared access based on security requirements. If the security permit can activate and activate the Guest account for access, but I suggest setting a password for the Guest account. Enter the "Net user guest/active: Yes & net uset gest test168" command on the command line to activate the Guest account and set its password to test168. (Figure 16)

Figure 16 activating a guest account

Other factors: Check that the Vista and XP hosts are in the same workgroup. The default workgroup is Workgroup, And the subnet mask and gateway are the same in the IP address segment.

Summary: The above lists the most commonly used network weapons in vsita. In fact, Vista is like a "weapons library", and there are countless powerful weapons in it, it depends on whether you will make it.