Archive for March 2007

Secure Remote Desktop on Linux and Windows

Remote Desktop is one of the great features added to Windows since XP. Since then, many clients have appeared for connecting to remote desktops, including ones for Linux and Mac OS X. A remote desktop connection uses the Remote Desktop Protocol (RDP), and the protocol has 128-bit encryption; however, it is possible to decrypt the entire connection because of its implementation. We need to use some other layers to make the connection secure.

TLS/SSL can be used to secure the connection, but it is for server systems. Also, because of cross-platform issues, it might not be the best solution. Linux’s famous secure shell (ssh) can be used for this purpose. SSH is not just a remote shell; more importantly, it provides TCP tunneling and port forwarding, with built-in encryption of course.

You need to have an ssh server, on either a Windows or a Linux machine, that is accessible from the outside world. For remote desktop connections you normally need to open port 3389; in this case only the ssh server port needs to be open on the firewall. On Windows, OpenSSH for Windows might be a good choice for both client and server. You simply need to install the ssh server and add users to it.

What you need to do is log on to the remote system and ask it to redirect you to a machine and port number. As a result, you get an encrypted, tunneled connection to your remote machine.

can@host-174-92:~> ssh -L 3389:192.168.1.111:3389 -C 112.232.121.111 -l can
The authenticity of host '112.232.121.111' can't be established.
RSA key fingerprint is 47:da:4e:ab:94:2b:d7:39:cc:19:17:33:55:6a:73:61.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '112.232.121.111' (RSA) to the list of known hosts.
can@112.232.121.111's password:
Last login: Fri Oct 13 15:49:55 2006 from x

can@host-174-92:~> rdesktop -u username -a 24 localhost


Linux

On Linux you use the remote desktop client rdesktop to connect to remote desktop servers. Since the previous command redirects the connection to localhost, pointing rdesktop at localhost will actually connect us to the remote machine.

can@host-174-92:~> rdesktop -u username -a 24 localhost


Windows

On Windows the process is almost the same, unless you have Windows XP Pro or Vista Ultimate Edition. The problem with those versions is that they have a remote desktop server running on port 3389. In that case, you need to tunnel through a different, unused port. For instance, 3390 should be available. The only thing you will change is the local port in the connection to the ssh server.

ssh -L 3390:192.168.1.111:3389 -C 112.232.121.111 -l username


With this command you redirect your system’s port 3390 to the remote system’s port 3389. Of course, the ports must be the server’s ports. After that we just connect using the Windows Remote Desktop client with the address “localhost:3390”. We will then be connected to the remote host.
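A hardened form of the two tunnel commands above, as an added example that is not part of the original post. The ssh options are standard OpenSSH client options, the function names are hypothetical, and the addresses are the post's sample values.

```shell
#!/bin/sh
# Added example (not from the original post): build a hardened version of
# the tunnel command and check a host key fingerprint before trusting it.

# valid_port N: succeeds only for an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# normalize_fp FP: lower-case a colon-separated hex fingerprint, drop whitespace.
normalize_fp() {
    printf '%s' "$1" | tr 'A-F' 'a-f' | tr -d ' \t\r\n'
}

# fingerprint_matches EXPECTED OFFERED: compare the fingerprint obtained from
# the server's administrator with the one ssh displays, instead of typing "yes".
fingerprint_matches() {
    [ -n "$1" ] && [ "$(normalize_fp "$1")" = "$(normalize_fp "$2")" ]
}

# tunnel_cmd LOCAL_PORT TARGET_HOST TARGET_PORT GATEWAY USER: print the command.
#   -N                         forward only, no remote shell
#   127.0.0.1:LOCAL_PORT       listener reachable from this machine only
#   ExitOnForwardFailure=yes   abort if LOCAL_PORT is taken (3389 on XP Pro)
#   StrictHostKeyChecking=yes  refuse hosts whose key is not in known_hosts
tunnel_cmd() {
    if ! valid_port "$1" || ! valid_port "$3"; then
        echo "tunnel_cmd: port must be 1..65535" >&2
        return 1
    fi
    opts='-N -C -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=yes'
    printf 'ssh %s -L 127.0.0.1:%s:%s:%s -l %s %s\n' \
        "$opts" "$1" "$2" "$3" "$5" "$4"
}

# Sample run with the post's values; 3390 because 3389 is busy locally.
tunnel_cmd 3390 192.168.1.111 3389 112.232.121.111 username
```

With StrictHostKeyChecking=yes the gateway's key has to be placed in known_hosts after its fingerprint has been confirmed, so the "yes" prompt from the session above never appears.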

Conclusion

As a result, the only port your corporation needs to open to the outside world is the ssh server port, which is usually port 22. From there you can redirect any traffic to an internal machine using a secure, tunneled connection. This is not limited to remote desktop connections, of course; you can tunnel other services or protocols to make them more secure.

P2P: Introduction and Real World Applications - Part 1

My article is on readwriteweb. I am glad to see it there, thanks to Richard MacManus for his editing and for creating readwriteweb.

Abstract

As the connection speed of the internet has increased, the demand for web related services has also increased. After the Web revolution, peer-to-peer networks evolved and currently have a number of different usages - instant messaging, file sharing, etc. Some other revolutionary ideas are still in research. People want to use peer-to-peer in many different applications including e-commerce, education, collaborative work, search, file storage, high performance computing. In this series of posts, we will look at different peer-to-peer ideas and applications.

For the rest you can visit
P2P: Introduction and Real World Applications

Windows Sideshow and Gadgets

Many hardware manufacturers have started to implement Windows Vista’s new features. One of the features that I most want to use is Windows Sideshow.

The Windows Sideshow site points out that:

Wouldn’t it be great if you could read an e-mail message, confirm a meeting location, or check a flight reservation without turning on your computer?

I really want to do that without switching on my computer. I don’t want to load the operating system just for checking mails. Windows Sideshow is basically a gadget interface. For the moment, some interesting products are using Windows Sideshow technology, like motherboards, notebooks, bags. I mostly liked the Sideshow-enabled notebook. I am sure there will be more interesting products in a wide range later this year.

With the adoption of Windows Sideshow, gadgets will become more important, which will make Windows Sidebar a more important product among other gadget engines. Gadgets are small programs for many different purposes. Mostly they are programmed in XHTML and JavaScript. If you have an idea for a gadget, programming it is not a big deal. I mostly found the gadgets I needed and hacked some of them to work much better :). Currently there are a few hundred gadgets in the Windows Gadget Gallery, and the number is increasing every day. I personally like the gadget idea, although I prefer to use Yahoo Widget Engine because of the heads-up display and the number of widgets. I use gadgets for e-mails, weather, system monitoring, alarms, TV schedules, and some RSS feeds that I can ignore.

Road to Cambridge

I am nearly at the end of the second term. This term was even more intensive than the first one. I have a series of exams and assignments that keep me busy nowadays.

Besides that, next term I am moving to Cambridge to work as a research intern at Microsoft Research. I am very pleased to say that, and this is the best news I have had. I am really excited about it and really looking forward to going and working with them.

I will join the F# team in Cambridge and I will develop some libraries for the language. I will be more into functional programming in the next months. You will see soon.

Expressing imperatively for the last time

MethodInvoker roadTo = new MethodInvoker(Cambridge);
IAsyncResult res = roadTo.BeginInvoke(null, "still dreaming...");