Wednesday, October 16, 2013
Prevent Terminal Server users from establishing VPN connections
Disable the "Remote Access Connection Manager" service and make sure none of your users have the ability to enable it.
Tuesday, September 6, 2011
Connecting to a TLS/SSL enabled Windows Terminal Server from Linux
I recently had to change my terminal servers to use an SSL certificate to prevent Man-In-The-Middle RDP attacks. This made my previous Linux RDP clients, rdesktop 1.6.0 and krdc, no longer able to connect to the terminal server. After much googling, I found remmina, installed and tested and it works to connect to an SSL-only Windows 2003 Terminal Server.
Thursday, July 14, 2011
Connecting to a Windows computer from Linux
If you run Linux and need to connect to a Windows computer by name and do not have a domain controller or static IPs, then you may need to use nmblookup to find the IP address and then connect to that.
Example:
mount -t cifs \\server\share share
might give you
"mount error: could not resolve address for server: No address associated with hostname"
However, if you look up the name using nmblookup, you could get the address:
nmblookup server
querying server on 192.168.0.255
192.168.0.182 server<00>
So then you can get to it by IP address instead of hostname:
mount -t cifs \\192.168.0.182\share share
You can do the same with rdesktop:
rdesktop server
ERROR: getaddrinfo: Name or service not known
rdesktop 192.168.0.182
(connects)
As a general rule, if you find you frequently have to do something, it can be useful to write a script to speed it up.
For remote desktop, I use the following as "rdp.sh":
rdesktop -g 1250x925 `nmblookup $1 | sed -e 's/querying //g' -e 's/on 192.168.0.255//g' -e 's/<00>//g' -e s/$1//g -e 's/ //g'`
the $1 says use the first variable after the script, the sed line clears everything except the IP address, the `` causes it to be executed first, and the -g variable is so it fits best on my screen.
So, to connect to server, I run:
rdp.sh server
I welcome comments, complaints, and suggestions.
Example:
mount -t cifs \\server\share share
might give you
"mount error: could not resolve address for server: No address associated with hostname"
However, if you look up the name using nmblookup, you could get the address:
nmblookup server
querying server on 192.168.0.255
192.168.0.182 server<00>
So then you can get to it by IP address instead of hostname:
mount -t cifs \\192.168.0.182\share share
You can do the same with rdesktop:
rdesktop server
ERROR: getaddrinfo: Name or service not known
rdesktop 192.168.0.182
(connects)
As a general rule, if you find you frequently have to do something, it can be useful to write a script to speed it up.
For remote desktop, I use the following as "rdp.sh":
rdesktop -g 1250x925 `nmblookup $1 | sed -e 's/querying //g' -e 's/on 192.168.0.255//g' -e 's/<00>//g' -e s/$1//g -e 's/ //g'`
the $1 says use the first variable after the script, the sed line clears everything except the IP address, the `` causes it to be executed first, and the -g variable is so it fits best on my screen.
So, to connect to server, I run:
rdp.sh server
I welcome comments, complaints, and suggestions.
Subscribe to:
Posts (Atom)