
Oct 27, 2013 (3 years and 5 months ago)


For years, many individuals and corporations were faced with the problem of not being able to access their work or business computer from any location but the machine they were working on itself. If an employee of a business needed to reboot a server halfway across the world or retrieve a file on a computer separate from its own LAN, that employee had to physically perform those operations at the machine itself. This was obviously time consuming and a headache to employees who needed to travel far distances to get to those machines. This also presented a problem to other users who may have been logged into a server that was no longer performing correctly. Logged in users would sometimes have to wait hours, even days, for the server to be rebooted before they could continue their work. This was because a technician had to travel to the physical machine and perform a hard reboot.

Today, there is a solution to all of these problems and more. This solution is called Remote Access Software and Terminal Services. Remote Access and Terminal Services allow users to access a server or standalone computer
there is internet access from anywhere in the world and perform operations on that specific machine. This software greatly reduces travel time for employees and downtime on servers experiencing problems. If a local computer technician is having trouble with a machine and cannot figure out a problem, that technician can have a specialist located anywhere in the world
to the machine using Terminal Services and fix the
Remote Access and Terminal Services software can also do
other things as well. For example, Terminal Services software makes it easier for users to update system software remotely and can allow for servers to run headless, or without a monitor.

Remote Access software can allow employees to retrieve work files from their home. This can help if the employee forgot a file at the office and needs to get it without physically traveling to his/her local mac
There are many different types and brands of Remote Access Software. Although we will not talk about them all, we will mention many of the popular, more successful
and brands of software. One of the most used and most widely known is
. Symantec
is one of the most popular forms of remote access software and
the basis for some remote access programs today. AT&T offers a software package known as VNC, or Virtual Network Computing.
was first developed at the University of Cambridge, and was later bought out by AT&T.
now acts as freeware to anyone who wishes to use it. We will mention some other types of remote access software that are offered today

Our discussion throughout this paper will primarily focus on
, Windows XP Remote Desktop, terminal services, and VNC, as well as their advantages, disadvantages and possible future services.

Terminal Services, on the other hand, is only offered through Microsoft, and is meant to run off of a Windows
Server. Users can log into the server and run applications on the server remotely using no processor power on a dumb terminal.

Terminal Services is offered in Windows NT 4.0 TSE (Terminal Server Edition), Windows 2000 Server and Windows XP.

Terminal Services:

The terminal services component of the Windows NT TSE OS, Windows 2000 Server OS, and Windows XP OS can deliver the Windows desktop and latest Windows based applications to virtually any computer with internet capabilities. Although it may look like it, the remote machine or “client” does not have Windows 2000, XP, NT or the applications that appear on screen. Instead it is acting as a display and input device for a server located somewhere else. This is the whole idea of terminal services, to run applications on a machine from a separate location. In a way, terminal services is bringing us back to the client/server days where little or no processing was done on the local dumb terminal and everyone logged into the server to run their applications. The Terminal Services client software is available for a variety of client hardware devices and can run on either Windows based terminals or non Windows based terminals such as Apple Macintosh or UNIX workstations. So basically, if you ran the client on an Apple or UNIX machine, when you logged into a Windows server, your screen would
windows desktop. One of the most compelling aspects of Terminal Services to large businesses is that it can allow outdated and older machines to display modern and current applications. These tasks cannot be done by the old machine itself due to
processing power and memory. By being able to run on these low powered machines the Terminal Services client is considered a “S
thin” client because it needs minimal requirements to operate

Terminal Services Features


Microsoft’s Terminal Services was first introduced in Windows 2000 Server. It is the updated version of Windows NT 4.0 TSE (Terminal Server Edition). Windows 2000 Terminal Services works by sharing the user interface. Clients send keystrokes and mouse events to the server and receive display changes back. Even on a fairly slow connection, such as a 28.8K modem, the performance of Terminal Services connections is good enough to display all but the most multimedia-intensive applications. This is all due to the fact that all of the processing is being done on the server instead of the terminal that the user is working at.

The protocol exchanged between clients and servers is called Remote Desktop Protocol (RDP). Terminal Services can also use a protocol called the Citrix Independent Computing Architecture or the ICA protocol. RDP is based on the International Telecommunication Union’s (ITU) T.120
This is an international open standard first used in multiple virtual channel conferencing products like Microsoft’s NetMeeting. RDP is a sophisticated protocol, supporting multiple levels of encryption and Unicode, a standard for character definition in all languages. At the network transport level, Terminal Services requires a TCP/IP connection. There are a number of different versions of RDP such as RDP 4.0 which is native to Terminal Server, RDP 5.0 which is available in Windows 2000 Terminal Services, and RDP 5.1 which is going to be introduced in Windows .NET Server 2003. The RDP protocols are capable of
audio, local printing, drive mapping, port redirection, and cutting and pasting, load balancing, remote control, bitmap caching, encryption, and automatic client update across a network. In other words, it allows a user to do almost anything from a remote location. The Citrix ICA protocol is capable of everything the RDP protocol is, as well as being capable of application publishing (Microsoft RDP 1

Recently, the RDP protocol has been brought under scrutiny by the public eye. Users of the software have discovered two problems in the program. The first involves how session encryption is implemented in certain versions of RDP. All RDP implementations allow the data in an RDP session to be encrypted. However, in the Windows 2000 and Windows XP
, the checksums of the plaintext session data are sent without being encrypted themselves. An attacker who was able to eavesdrop on and record an RDP session could conduct a straightforward cryptanalytic attack against the checksums and recover the session traffic. The second involves how the RDP implementation in Windows XP handles data packets that are distorted in a particular way. When the server receives these distorted packets, the Remote Desktop service would fail, and with it would fail the operating system. Since these initial problems, the Microsoft Corporation has put out security bug fixes for the RDP protocol and so far has had no other reported problems (Microsoft Security 1)
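The first problem above, modelled as an added example (not code from the paper or from Microsoft): a toy framing that sends an unencrypted checksum of the plaintext beside the ciphertext, next to a hardened framing that sends a keyed tag over the sequence number and ciphertext. The stream cipher, the 8-byte truncated SHA-256 checksum, the function names and the sample input are all assumptions made for the model; they are not RDP's actual algorithms.

```python
import hashlib
import hmac
import os
import struct


def keystream(key: bytes, seq: int, n: int) -> bytes:
    """Toy stream cipher for this model (assumption, not RDP's cipher)."""
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + struct.pack(">QI", seq, block)).digest()
        block += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def send_weak(enc_key: bytes, seq: int, plaintext: bytes):
    """Flawed framing: the checksum depends only on the plaintext and
    travels in the clear, so it reveals the plaintext to anyone who can hash."""
    ct = xor(plaintext, keystream(enc_key, seq, len(plaintext)))
    return ct, hashlib.sha256(plaintext).digest()[:8]


def _tag(mac_key: bytes, seq: int, ct: bytes) -> bytes:
    return hmac.new(mac_key, struct.pack(">Q", seq) + ct, hashlib.sha256).digest()


def send_hardened(enc_key: bytes, mac_key: bytes, seq: int, plaintext: bytes):
    """Hardened framing: keyed tag over (sequence number || ciphertext)."""
    ct = xor(plaintext, keystream(enc_key, seq, len(plaintext)))
    return ct, _tag(mac_key, seq, ct)


def verify_hardened(mac_key: bytes, seq: int, ct: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(_tag(mac_key, seq, ct), tag)


def plaintext_matching(trailer: bytes, candidates):
    """What the trailer alone gives away to a party holding no key:
    the candidate plaintext whose plain hash equals the trailer, if any."""
    for cand in candidates:
        if hashlib.sha256(cand).digest()[:len(trailer)] == trailer:
            return cand
    return None


def run_model(typed: bytes = b"Pa55word!"):
    """Send each input byte as its own message (constructed sample input)
    and report what the trailers of each framing disclose."""
    enc_key, mac_key = os.urandom(16), os.urandom(32)
    one_byte_messages = [bytes([b]) for b in range(256)]
    weak = [send_weak(enc_key, i, bytes([c])) for i, c in enumerate(typed)]
    hard = [send_hardened(enc_key, mac_key, i, bytes([c]))
            for i, c in enumerate(typed)]
    return {
        "weak_recovered": b"".join(
            plaintext_matching(chk, one_byte_messages) or b"?" for _, chk in weak),
        "hardened_recovered": b"".join(
            plaintext_matching(tag, one_byte_messages) or b"?" for _, tag in hard),
    }


if __name__ == "__main__":
    print(run_model())
```

In the weak framing the ciphertext never has to be attacked; the fix in the hardened framing is that the trailer cannot be computed, or compared against guesses, without the MAC key.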


Remote access provides the access to control PCs over the web.
allows for the ability to access your workstation from locations outside of your office, or any other workstation or PC other than the one that you are currently using. If you are at work or if you are away from your home computer and you needed to access information or to download information that is on your home computer, remote access makes this possible. It also makes it possible to have employees work from home, so that they can have access to everything that would be available to them at work on the workstations in their office. Another fact that makes remote access interesting is the possibility of a service department of a computer manufacturer to be able to log onto a computer of a customer and to be able to fix that computer from their office or their place of work. There are many companies that construct remote access software, however, some are more reliable, powerful, and user friendly than others.

, which is made by
is a form of remote access software which offers a direct connection to a remote PC at low cost without the need for a web based service.
allows fast easy access to any computer in the world that is
to the internet. In order to be able to access another computer using
the user has to do is install the host software on the host computer
client software on the remote computer. The only way that you will be able to have access to another computer is if the other computer has the host software installed on it. Just for clarity, let's say that I wanted access to the computer in my room for information that I left there for this paper. However, I am now in the library typing this paper and would like to retrieve the data I saved in my room. The computer in my room would have to have the host software set up on it, and I would have to have the remote software set up on the computer in the library. This would be the only possible way to access my computer in my room.

allows you to connect your personal computer to another personal computer, laptop, or office PC using either a cable or telephone connection. Not only does it allow one to transfer files from one PC to another, but it also allows you to control a distant PC using a feature called remote control.

session is carried out over TCP on port 5631, but the client listens on UDP on port 5632. There are two possible status query values: NQ, which is name query, and ST, status query. The NQ returns the remote station's name and some capability letters to let the host know what the remote is capable of. The ST returns a
byte packet that indicates whether the Host is busy or not

also uses the TCP/IP protocol. According to
short for
a connectionless protocol that, like TCP, runs on top of IP networks. Unli
ovides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network. It
primarily for
messages over a network
, UDP)

I will further explain UDP
what it does and how it works. “UDP takes messages from application process, attaches source and destination port number fields for the multiplexing/demultiplexing service, adds two other fields of minor importance, and passes the resulting "segment" to the network layer. Then in the network layer the segments are encapsulated into an IP datagram and then it attempts to deliver the segment to the receiving host. If the segment arrives at the receiving host, UDP uses the port numbers and the IP source and destination addresses to deliver the data in the segment to the correct application process. Note that with UDP there is no handshaking between sending and receiving transport-layer entities before sending a segment. For this reason, UDP is said to be
” (Ross, Keith). UDP is utilized to send data, it does not require to keep track of every packet sent or received and it does not need to initiate or end a transmission. It is generally used when the destination is known and if the response is already understood. UDP is a layer on top of the IP that provides a way to distinguish between multiple programs running on a single computer. UDP is packet
it is up to the application to split the data into packets and to provide any error checking. This is what makes UDP so much faster than TCP.


also known as Transmission Control
is one of the main
networks. Whereas the
protocol deals only with
, TCP enables two
to establish a connection and exchange streams of data. TCP guarantees delivery of data and also guarantees that packets will be delivered in the same order in which they were sent (Webopedia TCP).
is used to carry out the session provides its own error checking and correcting as well as being responsible for controlling the speed at which the data is sent. Another major difference between TCP and UDP is that TCP is capable of detecting congestion in the network and will slow down transmission speeds when congestion occurs. This shows us that delays occur every time a bit error or packet loss occurs, and this can be a large source of jitter
Mahdavi, Jamshid
The jitter caused by TCP makes it unreliable and not very useful when used in real time instances such as
requires. This all makes sense when you sit back and think about it, the session is carried out on TCP which is slower, and the remote or the client listens on UDP which is faster for the reason that the remote has to receive more information and has to use the faster protocol to receive the information in real time.

Some people might be wary about the fact of accessing a computer through a
some may think well it would be easy enough for anyone to get access to my own personal PC.
provides for many security options, to prevent outside users to access your computer, a
host can be configured to accept TCP/IP connections that fall within a specified range of addresses. Also another form of blocking users that IT and IS professionals can use is serialization, this allows for a security code to be embedded in a
host and remote objects that they create. Also to prevent unauthorized users to connect to the host there are other methods and security options that
provides. The first security option is authentication, just like any other form of authentication, a user's credentials are verified against a directory or access list. Another way to prevent unwanted users are passwords, to connect to a host you have to know the password. For dial up connections there is the callback security, when the remote calls the host the host drops the call and calls back the remote at the number that it called from. Also there is a prompt to confirm security feature which allows the host to know when someone is connecting to their computer. To prevent hacker attacks there is a limit the number of login attempts security option as well, also to go along with this there is a limit to the time you have to login. The host computer can allow for an allotted amount of time that a remote computer can be accessed to the host. There are other methods of security used in order to protect the data stream during a remote control session. Methods such as encryption, there are three levels of encryption;
encryption, Symmetric encryption, and Public key encryption. To identify security risks, Symantec’s Remote Access Perimeter Scanner (RAPS) allows for scanning of the network and telephone lines to identify unprotected remote access hosts. Using RAPS you can shut down a host who is not password protected and let them know so they can fix it. RAPS can also detect hosts that are using remote access software. Also another option that you can use in
is a logging function; you are able to log every file accessed and everything that is done in a session, in order to provide for security and auditing purposes. With all of these features users feel comfortable with using the

Addressing Security


provides for fast file transfers, it uses SpeedSend technology to accelerate file transfers by sending only the sections of files that have changed since the last time the file was transferred. It also allows you to easily navigate to the most recently visited files and folders using the Go feature. There is a
ag feature
you to quickly select files or folders for easy file transfer. These faster file transfer options along with the security options show how powerful
is as a remote access software.

Other features and benefits of
are options such as, conference host which allows for multiple users to connect to the host computer at the same time and simultaneously view the host's actions or what is going on, on the host computer. This would be beneficial for companies or people who want to have a presentation
long distance parties. You could make a
presentation and display it on the host computer and many remote users could connect to the host and be able to view it at the same time as everyone else. Another option offered by
is called Auto
allows you to automatically transfer folders or files to and from the host
The file manager allows you to view the files and folders on both the host and the remote PC. You are able to choose which files or folders you want transferred
you can select them
, and set it for end connection after the transfer is complete
the files and folders will be transferred without you having to stay at the PC the whole
also includes a file manager, this lets you quickly navigate to the files and folders you need, transfer files and folders to and from another computer, and synchronize content. From the file manager window you can move, copy, or sort files on both computers.
also allows you to also transfer folders, and clone files and folders to make them exactly alike on both computers. Another highly applauded feature
is file manager
, which compares the contents of the folders on the host and remote computers and highlights any differences. This feature is especially useful if you want to synchronize or clone folders to ensure that you do not copy a file you no longer need or delete an important file.


includes the
Packager, this lets you create, modify, and build customized installation sets or packages that you can distribute to users on your network.
Packager, you can tailor
to fit your corporate environment, building packages that contain only the features and settings that your users need.
includes a set of custom installation packages that are pre-configured to support the most
usage scenarios.
includes a Host Administrator utility, which lets network administrators remotely control and con
hosts on a network (Features and Benefits)

Our group decided to try a trial version of
and found it very useful and easy to use. The set up was fairly simple to understand how to use with the use of the help file. We used
to connect to a PC that is used by one of our friends in Delaware to navigate and fix a problem on her PC. The connection was easily made using the connection wizard. We connected from our local LAN here at
to her DSL connection at her apartment. What showed up on our screen here at school was what was on her desktop at her PC. Note that we are using Windows XP here at school and she is using Windows 98 and our hardware is vastly different. We were able to navigate her whole system and find out what the problem was. The problem, it turned out, was with one of her drivers. Through
we were able to reinstall the driver that she needed from here and fix the problem.

Virtual Network Computing:

VNC or Virtual Network Computing is a freeware program offered by AT&T. Because of its functionality and attractive price, it has gained a very good reputation as a piece of Remote Access Software. As with all other RAS, VNC has a client and a server. The server is installed on the machine that you wish to access remotely, and the client is installed on machines you wish to access the server from.
you do not have to install the whole software package on the client PC, the client software is just a 177kb file. Once both are installed, VNC can operate over any reliable transport such as TCP/IP. However, VNC does not have all of the options that
it is obvious that
is a much more powerful software. VNC uses the RFB protocol or the Remote Frame Buffer protocol. RFB is a simple protocol for remote access to graphical user interfaces. This protocol simply allows the server to update the framebuffer displayed on the VNC viewer or client. Since the protocol works at framebuffer level, it is potentially applicable to all operating systems, windowing systems, and applications. This can include UNIX, Windows, Apple Macintosh, and PDAs. The RFB protocol is a truly “thin-client” protocol since it can run on a variety of hardware and has very few requirements for the viewer or client. Also, the task of implementing the client is very simple to the user. In order for the protocol to display graphics on the client or viewer from the server, it sends X, Y coordinates for every pixel to display. For example the server tells the client a position at which to put a certain color pixel and the client will put that pixel on the screen for the user to see. The server sends out hundreds of these coordinates every time the screen refreshes. This type of rectangle encoding, as it is called, is very efficient and requires very little bandwidth (Richardson “The RFB Protocol” 2

The input side of the protocol is based on a standard workstation model of a keyboard and multi-button pointing device or mouse. Input events are sent to the server by the client whenever the user presses a key or pointer button, or whenever the mouse is moved. These inputs require very little bandwidth and a user will not notice a slow down in connections while transmitting this data (Richardson, “Virtual Network Computing”

When the connection between the client and the server is first established, the server requests a password which the user at the client end enters in. The server and client then exchange information about desktop size, pixel format, and encoding schemes to be used. Then the client requests an update for the entire screen and the session is
After this point, either the client or the server can end the session without adverse
(Richardson “The RFB Protocol” 6)
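The connection setup described above, as an added example (not code from the paper or from the VNC project): a parser for the server's side of an RFB 3.3 handshake that extracts the security type, desktop size, pixel format and desktop name, plus builders for the client's encoding list and its first full-screen update request. The byte stream, the desktop name and the helper names are constructed for illustration; the `password_required` field reflects whether the server asked for a password at all.

```python
import io
import struct

# PIXEL_FORMAT: bits-per-pixel, depth, big-endian flag, true-colour flag,
# red/green/blue max (U16 each), red/green/blue shift, 3 padding bytes.
PIXEL_FORMAT = struct.Struct(">BBBBHHHBBB3x")
SECURITY_TYPES = {1: "none", 2: "vnc-auth"}
ENCODINGS = {"raw": 0, "copyrect": 1, "hextile": 5}


def _read(stream, n):
    data = stream.read(n)
    if len(data) != n:
        raise ValueError(f"truncated handshake: wanted {n} bytes, got {len(data)}")
    return data


def parse_server_handshake(stream):
    """Parse what an RFB 3.3 server sends, from ProtocolVersion to ServerInit."""
    version = _read(stream, 12)
    if not (version.startswith(b"RFB ") and version.endswith(b"\n")):
        raise ValueError("not an RFB ProtocolVersion message")
    info = {"version": (int(version[4:7]), int(version[8:11]))}

    (sec,) = struct.unpack(">I", _read(stream, 4))
    if sec == 0:  # connection refused, followed by a reason string
        (n,) = struct.unpack(">I", _read(stream, 4))
        raise ConnectionError("server refused: " + _read(stream, n).decode("latin-1"))
    if sec not in SECURITY_TYPES:
        raise ValueError(f"unsupported security type {sec}")
    info["security"] = SECURITY_TYPES[sec]
    info["password_required"] = sec == 2
    if sec == 2:
        info["challenge"] = _read(stream, 16)   # client answers with 16 bytes
        (result,) = struct.unpack(">I", _read(stream, 4))
        if result != 0:
            raise PermissionError("server rejected the password response")

    # ServerInit: desktop size, pixel format, desktop name.
    info["width"], info["height"] = struct.unpack(">HH", _read(stream, 4))
    (bpp, depth, big_endian, true_colour,
     rmax, gmax, bmax, rshift, gshift, bshift) = PIXEL_FORMAT.unpack(_read(stream, 16))
    info["pixel_format"] = {
        "bits_per_pixel": bpp, "depth": depth,
        "big_endian": bool(big_endian), "true_colour": bool(true_colour),
        "max": (rmax, gmax, bmax), "shift": (rshift, gshift, bshift),
    }
    (name_len,) = struct.unpack(">I", _read(stream, 4))
    info["name"] = _read(stream, name_len).decode("latin-1")
    return info


def set_encodings(names):
    """Client SetEncodings message (type 2): the encoding schemes it accepts."""
    codes = [ENCODINGS[n] for n in names]
    return struct.pack(">BxH", 2, len(codes)) + b"".join(struct.pack(">i", c) for c in codes)


def full_screen_update_request(info, incremental=False):
    """Client FramebufferUpdateRequest (type 3) covering the whole desktop."""
    return struct.pack(">BBHHHH", 3, int(incremental), 0, 0, info["width"], info["height"])


def sample_server_bytes(security=2):
    """Constructed server-to-client bytes for a 1024x768, 32 bpp desktop."""
    auth = bytes(range(16)) + struct.pack(">I", 0) if security == 2 else b""
    name = b"lab-desktop"
    return (b"RFB 003.003\n" + struct.pack(">I", security) + auth
            + struct.pack(">HH", 1024, 768)
            + PIXEL_FORMAT.pack(32, 24, 0, 1, 255, 255, 255, 16, 8, 0)
            + struct.pack(">I", len(name)) + name)


if __name__ == "__main__":
    session = parse_server_handshake(io.BytesIO(sample_server_bytes()))
    print(session)
    print(set_encodings(["hextile", "copyrect", "raw"]).hex())
    print(full_screen_update_request(session).hex())
```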

Other Remote Access Software:

Timbuktu is another form of remote access and file transfer software that is mainly beneficial for an enterprise setting. By using a patented screen sharing technology, Timbuktu Pro provides complete interoperability between Windows 3.x, Windows 95, Windows NT 3.51 and 4.0, and MacOS-based computers. Timbuktu Pro uses unique screen sharing algorithms to reduce bandwidth utilization and to maximize performance over the network. Timbuktu provides for three levels of proprietary compression including delta screen compression, color reduction compression, and GDI packet compression. Timbuktu Pro uses the standard network protocols such as TCP/IP, IPX/SPX, and AppleTalk.

Timbuktu like
provides for security. Timbuktu provides for passwords at the user level and also connections are made using a challenge and response protocol. Also like
, Timbuktu provides for logging. Another security feature that is included in Timbuktu as well as in
is the ability of administrators to limit the use to certain users or IPs. There are also security features that can be invoked for Windows NT users such as screen locking and screen blanking. Also
comparison that can be made between Timbuktu and
is that they both use TCP and UDP protocols (Timbuktu Pro). Timbuktu does not provide for all of the options that
provides for, however, there are many similarities between the two

One of the last Remote Access Software packages we are going to talk about is GoToMyPC, which is made and distributed by Expertcity.
is very similar to
’s software. GoToMyPC has most of the features of other RAS but it also includes administrative capabilities. It is also because of these capabilities, such as remote computer monitoring that GoToMyPC is in such high demand with business managers. It is features like this that set apart GoToMyPC from the other remote access

Expertcity describes GoToMyPC as a “hosted service that enables secure
based access to any Internet-connected windows PC. The current release supports screen sharing, file transfer, remote printing, guest invite, chat applications and a
l Viewer, which allows viewing of a Windows PC from a Windows, Mac or Unix PC.” After reading this description of GoToMyPC you may be asking yourself the same question we did, “how does this differ then from the services offered by VPNs and
After all, this description of GoToMyPC doesn’t seem that different from what we talked about with
and VPNs. Luckily for Expertcity this couldn’t be further from the truth.
offers a downloadable file that gives the reader a comparison between VPNs and another PDF file that gives a comparison

One of the first things that pop into our heads when considering a new program for our computer is “how much software am I going to have to install” and “am I going to be able to do it?” According to the GoToMyPC comparison report, GoToMyPC allows users to access and control their host computer from any other internet
computer and does not require any special software to be installed ahead of time. VPNs however require special VPN client software to be installed in every remote computer that will be used to access the corporate network.
requires pre
of the client software from a CD-ROM and the configuration of several settings. As you have previously read however, our group did not find this aspect of
in the least.

Another highlight of GoToMyPC is its simple configuration. Essentially there are four steps in setting up the host computer: registering the computer, installing the software, naming the host computer and creating an access code. VPN configuration on the other hand must be specifically configured for every destination and with the authentication mechanisms for each destination. Compared to GoToMyPC, the configuring of
seems especially difficult. pcAnywhere requires users to set up the connection manually. Users generally need to know the IP address or DNS name of the host computer and the specific IP ports on which that computer is listening.

Whenever speaking of any internet connected program the topic of firewalls is always bound to arise. As with all business settings firewalls play an important role for the security of your company’s files, assets, and data. With GoToMyPC both the host and client computers receive all communications through an outgoing TCP connection that they initiated, and thus do not require any firewall changes. Unfortunately VPNs and
both require you to modify firewalls. VPN requires it to allow the VPN connections through to the VPN termination device.
requires the user to configure an incoming connection to that computer.

Last we have security, the most important aspect of any software program. Once again referring to the comparisons made on
, we find that GoToMyPC is pre-configured for maximum security using industry-standard Advanced Encryption Standard (AES) 128-bit encryption. Encryption is not our only worry when it comes to security. We must also be prepared for such things as viruses, worms, and hackers. Because the remote machine is never made part of the corporate network, it is irrelevant if the remote machine is infected with a virus. All the remote machine does is provide a secure channel to use the well-secured computers on the corporate LAN. Security however for VPNs is their biggest drawback. Basically VPNs take an external machine, which has not been protected in the same manner as machines on the internal LAN, and accord it the same privileges as internal LAN machines. As we said before, this means that VPNs are more likely to get your machines exposed to hackers, viruses, and worms. GoToMyPC eliminates the security exposure of VPNs because changing the security of the corporate LAN is not necessary.
can be configured with various encryption and authentication options. However, GoToMyPC’s comparison report warns that it may be too complex for many users. (

GoToMyPC has only two significant drawbacks. The first drawback being that its pricing is a little on the steep side. The second is that GoToMyPC requires separate licenses for clients logging in. Once again this would increase the price of using GoToMyPC even more.

It is now obvious that Remote Access, Terminal Services, and VPN save much time and money in the end. Remote Access, Terminal Services, and VPN have much in common. One such thing that they have in common is the usage of each, each and every one of them provides for connection to other computers from a remote location for whatever need possible, whether it be file transfer or system maintenance. All of them have a host and a remote. The whole purpose of Terminal Services is to run applications on a machine from a separate location. Remote Access allows for control of distant PC over the internet. Remote Access allows a user at one location to access the information and the system at another location. One of the most well known RAS is pcAnywhere. pcAnywhere provides for many options such as security features, auto transfers, and many other very powerful options that the other RASs do not have. VNC is much like
one of the differences between the two is that for VNC you do not have to install the whole program on the client PC. Another difference between them is that pcAnywhere is much more powerful and has many more security options than VNC. Other RAS is Timbuktu and GoToMyPC. Timbuktu is mainly used in an enterprise setting, it also provides for some of the same security options as pcAnywhere. GoToMyPC includes much of the same things that all of the other remote access software does, one of the outstanding options that GoToMyPC offers is administrative capabilities. The similarities and differences with what was spoken about are obvious. In addition, it is clear about all the options and all of the actions that are allowed by each of the things that were discussed in detail throughout the paper.