Section 7.4. Stuff You Can Do with a Network

Previous page
Table of content
Next page


7.4. Stuff You Can Do with a Network

Now that you've get your network functioning, it's time to start taking advantage of the features it provides. In this section:

  • Virtual Private Networking

  • Accessing an FTP Site in Explorer

  • Controlling Another Computer Remotely

  • Managing the Nameserver Cache

See the section, Section 7.5, for some cool things you can do with a wireless network.

7.4.1. Virtual Private Networking

Virtual Private Networking (VPN) is a system whereby a workgroup of two or more computers can be connected by an Internet connection rather than a physical cable. In theory, VPN provides the security and privacy of a closed environment, without the astronomical cost of a private wide-area network.

The technology used in Virtual Private Networking either the Point-to-Point Tunneling Protocol (PPTP) or the Layer Two Tunneling Protocol (L2TP) allows you to create a private "tunnel" across your Internet connection. With a VPN, you can accomplish tasks previously available only over a LAN, such as file and printer sharing, user authentication, and even networked gaming. Figure 7-14 illustrates a typical scenario with a tunnel connecting a single computer to a remote workgroup.

Figure 7-14. Form a virtual private workgroup through a tunnel across the Internet


Before you can set up VPN, you need a tunnel server. If you're connecting to a large company, the VPN administrator will provide the necessary settings (and software, if necessary) to establish a connection. If, however, you're building your own VPN, follow these instructions.

The following process briefly shows how to set up a simple VPN workgroup. Select one of the following procedures, depending on the operating system you're using for the tunnel server: Part 1a for Windows XP, Part 1b for Windows 2000, or Part 1c for Windows NT. Then, Part 2 shows you how to configure a Windows XP machine as a VPN client.

7.4.1.1 Part 1a: Set up the tunnel server (Windows XP Professional only)

Here are instructions on setting up a tunnel server in Windows XP Professional:

  1. Log in as the Administrator.

  2. Open the Network Connections window, and double-click New Connection Wizard (or click Create a new connection in the task pane to the left).

  3. Click Next when you see the introductory page.

  4. Select Set up an advanced connection and click Next.

  5. Select Accept incoming connections and click Next.

  6. The next page asks you to select devices you want to use for incoming connections. Don't select anything here; just click Next to skip this step.

  7. Select Allow virtual private connections and click Next.

  8. You'll then be presented with a list of configured users. Place a checkmark next to each username to whom you wish to grant VPN access, and click Next.

  9. The next step allows you to choose which services, clients, and protocols are allowed with incoming VPN connections. These are the same components you'd use when building a workgroup (see Section 7.2.1, earlier in this chapter, for details). Highlight Internet Protocol (TCP/IP) and click Properties.

  10. Turn on the Allow callers to access my local area network option, and then specify how you'd like to assign IP addresses to incoming connections, as shown in Figure 7-15.

    Figure 7-15. Windows XP, when set to accept incoming VPN connections, can act as a DHCP server and assign IP addresses to remote computers automatically; you can optionally assign a range of addresses here


  11. Click OK and then Next when you're done.

  12. Click Finish to complete the wizard.

    If you're using a router on the server end, you'll need to set up Port Forwarding to route VPN traffic to the IP address for your tunnel server. VPN over PPTP uses port 1723, and IPSec uses 500, 50, and 51. If you're using Windows XP's built-in firewall (described later in this chapter), you'll probably need to enter these exceptions there as well. See Appendix C for more information on TCP/IP Ports.


7.4.1.2 Part 1b: Set up the tunnel server (Windows 2000 Server/Advanced Server only)

Here are instructions on setting up a tunnel server in Windows 2000, required before you can initiate a VPN connection with a Windows XP client. See parts 1a and 1c for similar instructions for WIndows XP and NT 4.0, respectively.

  1. Log in as the Administrator.

  2. Double-click the Network and Dial-Up Connections icon in Control Panel, and then double-click the Make New Connection icon. Note that all of the settings in this cumbersome wizard can be adjusted later by double-clicking on the Incoming Connections icon you're creating.

  3. Click Next, select Accept incoming connections, and click Next again.

  4. Place a checkmark next to the network adapter that you use to accept incoming VPN connections, and click Next.

  5. Select Allow virtual private connections, and click Next.

  6. You'll then be presented with a list of configured usersplace a checkmark next to each username to whom you wish to grant VPN access, and click Next.

  7. The next step allows you to choose which services, clients, and protocols are allowed with incoming VPN connections. These are the same components you'd use when building a workgroup (see Section 7.2.1, earlier in this chapter, for details).

  8. Click Next and then Finish when you're done.

7.4.1.3 Part 1c: Set up the tunnel server (Windows NT 4.0 Server/Advanced Server only)

Here are instructions on setting up a tunnel server in Windows NT 4.0, required before you can initiate a VPN connection with a Windows XP client. See parts 1a and 1b for similar instructions for Windows XP and 2000, respectively.

  1. Log in as the Administrator.

  2. Double-click the Network icon in Control Panel, and choose the Protocols tab.

  3. Click Add, select Point To Point Tunneling Protocol from the list, and click OK. When asked how many simultaneous VPNs you want the server to support, choose a nice, big, healthy number, and click OK.

  4. Next, you'll need to add one or more the VPN devices to Remote Access Service (RAS): choose the Services tab and select Remote Access Service.

  5. Click Properties, and then click Add.

  6. From the RAS Capable Devices list, select a VPN device, and click OK. Once all the VPN devices have been added, select a VPN port, and click Configure. Check the Receive calls only option, and click OK.

Repeat this step for each VPN device you've selected. You'll have to restart Windows NT when you're done.

7.4.1.4 Part 2: Set up the VPN client (Windows XP)

Although there only needs to be one VPN tunnel server, you can have as many clients as you like (that is, until you reach the limit specified in the tunnel server's configuration). Here's how to set up a Windows XP machine as a VPN client:

  1. Open the New Connection Wizard, as described in Section 7.1.3, earlier in this chapter.

  2. Click Next on the first page. Select Connect to the network at my workplace on the second page, and then click Next.

  3. Choose Virtual Private Network connection, and click Next.

  4. Next, choose a name for the new connection (it can be anything you want), type it into the Company Name field, and click Next.

  5. Since VPN relies on an existing Internet connection, you have the option at this point of automatically connecting to the Internet before initiating this VPN connection. If you're using a high-speed Internet connection that is always on, choose Do not dial the initial connection here. If, however, you're using a PPPoE connection or analog dial-up connection that must be dialed to connect (as described in Section 7.3, earlier in this chapter), choose Automatically dial this initial connection and then select the desired connection from the list. Click Next when you're done.

  6. The next page is where you specify the network name or IP address of the tunnel server to which you want to connect. If you didn't set up the tunnel server yourself, you'll have to obtain the address from your network administrator.

  7. Click Next and then Finish when you're done.

  8. To initiate a VPN connection, double-click the new VPN connection icon, enter your username and password, and click Connect. As soon as you're connected, you should have access to the additional resources shared on the remote network; see Chapter 8 for details on accessing remote resources.

    If you're using a router on the client side, you'll most likely need to turn on the IPSec option in your router's setup to get VPN to work. Refer to your router's documentation for details.


Note that in previous versions of Windows, it was necessary to "join" a domain (by going to Control Panel For additional tips for working with VPN connections, such as how to bypass the Connect dialog, see Section 7.3.1.2 in Section 7.3, earlier in this chapter.

7.4.2. Accessing an FTP Site in Explorer

For years, FTP has been the quickest and most efficient way to move files from one machine to another across the Internet. Whether you're downloading drivers from a manufacturer's FTP site or uploading HTML files to a web server, FTP is often the preferred transfer method.

To access an FTP server, either to upload or download, you need an FTP application. Windows XP actually comes with three such applications:

  • FTP, a traditional, command-line-based FTP client (ftp.exe)

  • Internet Explorer (iexplore.exe) or any web browser, for that matter supports downloading files from FTP servers. Just go to an address like this: ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/ to view the contents of the specified directory or download the specified file, as the case may be.

  • Windows Explorer[1] (explorer.exe) allows you to view any web site as though it were just another folder and is explained in the rest of this section.

    [1] Microsoft and others might contend that Windows Explorer and Internet Explorer are actually the same program. Personally, I find this to be a matter of semantics (one could argue that all Windows applications are the same program, for they all share DLLs). For the purposes of this solution, and since both applications have distinctly different interfaces, it makes more sense to think of them as distinct and separate applications.

Here are three different ways to hook up to an FTP site in Explorer:

7.4.2.1 Solution 1: Open a temporary FTP folder

This procedure is the quick-and-dirty way to open an FTP folder in Explorer:

  1. Open Windows Explorer (explorer.exe).

  2. If the Address Bar is not currently visible, go to View

    Type an address into the Address Bar, like this:

    ftp://host.com

    where host.com is the name of the FTP server. Note the syntax, similar to web page addresses. Press Enter to log in.

    Since you're not specifying a username or password here, Explorer assumes you want anonymous access (see the "Understanding Anonymous FTP" sidebar). If the specified server does not provide anonymous access, you'll see an error like this:

    Windows cannot access this folder . . . User anonymous unknown.

    Understanding Anonymous FTP

    If you have a personal account on the server to which you're connecting, you'll need to specify your username and password in order to gain access to your personal files.

    However, many FTP servers also provide "anonymous" access to a special, public folder; to log in to this public folder, you just type anonymous for the username and an email address (or nothing) for the password. When you use a web browser to download from an FTP server, as described earlier, it's usually done through an anonymous account.

    Note that not all hosts are FTP servers, and not all FTP servers allow anonymous access.


  3. If you do indeed have an account on the server, select Login As from the File menu, type your username and password, and then click Log On.

    See the next solution for a way to specify the username and (optionally) the password right in the address so that you don't have to deal with the Log On As dialog.


  4. As soon as you're logged in, you'll see a standard folder and file listing. You can rename, drag-drop, and even delete files and folders, just as though they were on your own hard disk.

    The connection will remain active as long as you use it, but will likely become disconnected if left idle for more than a few minutes. It will also be disconnected when you shut down Windows, but it won't be automatically connected when Windows starts.

  5. When you're done, you can make an Internet Shortcut to this location, using the same method as you would for a web page. However, if Internet Explorer is not your default FTP client (see Section 4.3 in Chapter 4), it won't work as expected. See the next solution for a more robust and permanent way to hook up an FTP site to Explorer.

7.4.2.2 Solution 2: Create a more permanent "place" in My Network Places

If you'd like to set up a more permanent FTP connection to use again and again, follow these steps:

  1. Open My Network Places by double-clicking the icon on your desktop or by navigating to it in Explorer.

  2. If you have the common-tasks pane enabled (Tools Add a network place in the Network Tasks box.

    Otherwise, simply double-click the Add Network Place icon.

  3. When the Add Network Place Wizard appears, click Next to skip the intro page.

  4. On the second page, you'll be given a choice of service providers. Make sure you select Choose another network location here, and click Next.

  5. Next, you'll be prompted for the Internet or network address of the FTP server. If you're connecting to an anonymous FTP site, type:

    ftp://host.com

    where host.com is the address (or IP address) of the FTP server (see Solution 1, earlier). Or, if you want to log in to a personal FTP account, type:

    ftp://username@host.com

    Finally, if you want to log in to a personal FTP account, but do not wish to be prompted for a password, you can specify it here, like this:

    ftp://username:password@host.com

    Click Next when you're done.

  6. If you didn't specify a username in the address you typed in the previous step, you'll be prompted for one now. Turn off the Log on anonymously option if you wish to specify a username now; otherwise, leave it enabled and click Next.

  7. On the last page, you'll be asked to type a name for this connection, which will also be name of the folder as it appears in Explorer. The name can be anything you want, but it has to conform to Windows file- naming rules (e.g., no slashes, double-quotation marks, etc.).

  8. Click Next and then Finish to create the connection.

  9. If successful, you'll see the new entry in your My Network Places folder. Just open it to connect to the FTP site.

    Windows provides no simple mechanism of changing the location or other properties of an FTP folder, which means that you'll have to delete and re-create an FTP folder in order to modify it. See Solution 3, next, for a workaround.


  10. The connection created in this solution is simply a folder or, more precisely, a Folder Shortcut (discussed later), located in your \Documents and Settings\{username}\NetHood folder. If you'd prefer that the FTP folder be located elsewhere, open Explorer and move the folder to another location on your hard disk.

7.4.2.3 Solution 3: Another way to create an FTP folder

The functionality that allows you to link up a folder to an FTP site, as explained in Solution 2 earlier, is essentially that of Folder Shortcuts, as seen in Section 4.4.2. This next solution has essentially the same result, but shows how to create such a folder manually. This can be useful, for example, when the Add Network Place wizard (which can be unreliable) doesn't work. It also lets you modify the location of an FTP folder without having to delete and re-create it. Finally, it can be used in conjunction with a WSH script to automate the creation of FTP folders.

  1. Start by following the instructions for making a Folder Shortcut in Section 4.4.2. (You can also use the example WSH script in Section 9.4.6, although it will have to be altered slightly to accommodate FTP shortcuts.)

  2. When it comes time to make the shortcut to a folder, though, make an Internet Shortcut to an FTP site instead. Open your favorite web browserany web browser capable of making Internet Shortcuts will doand type the URL address of any valid FTP server, as explained in either of the previous solutions in this topic.

  3. Once the page loads successfully, create an Internet Shortcut, and name it target.

    Because Internet Shortcuts use the extension .url (which is not visible) and we need the extension to be .lnk (also not visible), we must rename the file. And because Windows will not let you change the filename extension when the extension isn't visible, you'll need to do it from the Command Prompt.

  4. Open a Command Prompt window (cmd.exe), and type the following:

    cd foldername

    where foldername is the full path of the folder containing the target shortcut.

    Hint: to save typing, type only cd, followed by a space, and then drag-drop the folder icon (or even the shortcut itself) right onto the Command Prompt window, and the full path will be typed for you. (If you dragged the shortcut, you'll have to remove the shortcut filename, target.url, before you press Enter.)

  5. Then, use the ren command to rename the file, like this:

    ren target.url target.lnk

  6. Leave the prompt window open, if needed, for the rest of the solution in Section 4.4.2.

7.4.2.4 Notes

  • Regardless of the solution you use, the resulting FTP connection will remain active as long as you use it, but will likely become disconnected if left idle for more than a few minutes. It will also be disconnected when you shut down Windows. In either case, Windows will automatically reconnect as soon as you attempt to use the folder. Note that there's no way to manually disconnect an FTP folder (unless you delete it).

  • You can access files contained in an FTP folder (created in either Solution 2 or Solution 3) from any 32-bit Windows application, and even save files there as well.

  • Create a standard Windows shortcut to a subfolder of an FTP folder (created in either Solution 2 or Solution 3), and place it in your Send To folder (typically \Documents and Settings\{username}\SendTo). That way, you can right-click one or more files or folders, and use the Send To menu to quickly copy the selected items to the FTP location.

  • The FTP protocol does not use encryption or any other method of security, which not only means that your data will not be transferred securely, but your username and password will also not be encrypted when you log in. More secure alternatives include Web Folders, described next; Virtual Private Networking, described earlier in this chapter; or a program that supports SCP (Secure Copy Protocol).

  • Windows also supports a protocol called Web Folders, which works very similarly to the FTP folders feature described here. Although Web Folders also support encryption, very few servers support the WebDAV (Web Distributed Authoring and Versioning) protocol, which means you'll most likely want to stick with FTP or SCP (see Table 7-2).

  • There are other programs you can use for transferring files (FTP and otherwise), any of which may be more or less convenient than Explorer, depending on your needs. See Table 7-2 for a list of alternatives.

Table 7-2. These programs can be used instead of Windows built-in support for FTP

Product

Notes

Creative Element Power Toolshttp://www.creativelement.com

Comes with a context-menu add-on that allows you to right-click any number of files, select FTP To, and quickly transfer them to a custom FTP location.

WS_FTPhttp://www.ipswitch.com

Although it's a rather old-school implementation of FTP, it's side-by-side layout can be extremely convenient for those who use FTP frequently.

SSH Secure Shell for Workstationshttp://www.ssh.com

A secure terminal (replacement for Telnet), which also comes with an SCP (secure copy) client.

WinSCPhttp://winscp.vse.cz

An implementation of SCP, it uses a convenient side-by-side layout similar to WS_FTP.


7.4.3. Controlling Another Computer Remotely(Just Like in the Movies)

A network is good for much more than simply transferring data. Although Windows does let you transfer files to and from other computers in Explorer (see Chapter 8), it's a far cry from actually sitting in front of the remote computer.

One of the severe limitations of the Windows platform is that only one user is allowed to operate the computer at any given time. Unix, on the other hand, allows many simultaneous remote users (even in addition to a user sitting right at the workstation), each with their own graphical X-Windows terminal connection.

Enter the new Remote Desktop feature in Windows XP. Although it still does not allow more than one simultaneous user per machine, it does allow you to view the desktop of another Windows XP computer on your network or over the Internet, just as though you were sitting in front of it.

There are almost limitless uses to this technology; a few examples include:

  • Do you travel frequently, yet prefer to use a desktop (nonportable) computer at home? Rather than duplicating all your programs, documents, and settings on a laptop, or trying to carry all your files and programs with you to use on someone else's computer, just use Remote Desktop to connect to your home computer from the road, and check your email, fax, etc., as though you were sitting at your own desk.

  • Do you need to access your work documents and programs while you're at home, or access your home documents and programs while you're at work? Use Remote Desktop to bridge the link and stop worrying about carrying so much stuff back and forth to work every day.

  • Are you the person family members and friends call with their computer problems? Instead of spending hours on the phone, trying to explain to them how to fix their computers, just connect with Remote Desktop and fix the problem yourself in minutes.

  • Do you administer several computers in different locations? Rather than having to go to the other side of the building (or the other side of the state) to access a computer, use Remote Desktop and get it done in half the time.

  • Are you a software developer? If you need to test your software on different operating systems or platforms, it simply isn't practical to use a multiboot computer;[2] you'll just spend all your time rebooting. Instead, set up a second (or even third) computer with the necessary test environments, and then control them remotely right from your development machine.

    [2] See Chapter 1 for information on setting up more than one operating system on a single PC.

Well, now that this chapter has essentially become a commercial for Remote Desktop, here are some of the disadvantages. First of all, while both Windows XP Home and Professional editions can be Remote Desktop "servers," only XP Professional can be used as a "client" to access remote computers. And although you can use Remote Desktop with some previous versions of Windows, you'll need a different program (like VNC, discussed later in this chapter) to remotely access Mac and Unix machines.

You'll also need a relatively fast connection to use remote control software like Remote Desktop, since a lot of data is transferred to update the screen image. For example, a direct Ethernet (LAN) connection will provide nearly instantaneous response rates, while a DSL or cable connection will be a little more sluggish. Don't even bother using Remote Destop over an analog (dial-up) connection, though.

Overall, the technology included with Windows XP is pretty good. It's not entirely new, however; the same feature, called Terminal Services, is included in Windows 2000. It's also not your only choice; see the discussion of alternatives at the end of this section for more information.

Here's how to use the Remote Desktop feature built into Windows XP.

7.4.3.1 Part 1: Enable the Remote Desktop server

Allowing others to connect to a computer with Remote Desktop is easy. Use the following steps to set up your own computer to be accessed remotely, or you can read them over the phone to the owner of a computer you wish to access remotely.

  1. Go to Control Panel

    Turn on the Allow users to connect remotely to this computer option.

  2. By default, all users currently configured on the machine can connect to it remotely. If you wish to restrict access to only certain users, click Select Remote Users. See Chapter 8 for more information on user accounts.

  3. Also available in this window is the Remote Assistance option; see the "Using Remote Assistance" sidebar for details.

    Using Remote Assistance

    The Remote Assistance feature is optional, but can make it easier for less experienced users to transmit the required information to the person who will be accessing their computer remotely, including the IP address and user account.

    Turn on the Allow Remote Assistance invitations to be sent from this computer option, and then click the Remote Assistance link in this window to open the Remote Assistance dialog (or launch rcimlby -launchra). Here, you have the option of using Windows Messenger (MSN or .NET passport account required) or your default email program (set in Control Panel Internet Options Since these "invitations" can be a security hazard, there are two safeguards in place to automatically disable the feature after a specified amount of time. In the Remote tab of the System Properties dialog, click Advanced to disable the feature completely after a few days. Plus, when sending an invitation, you can configure it to expire only an hour or two after being sent.


  4. Click OK when you're done.

    If you're using a router and you're connecting across an Internet connection, you'll have to set up your router's port- forwarding feature to permit this service. This allows your router to "route" incoming signals (from port 3389) to the IP address of the computer of your choice. If you're using Windows XP's built-in firewall, you'll need to include an exception for port 3389 there as well. See Appendix C for more information on TCP/IP Ports.


7.4.3.2 Part 2: Connect to a remote computer

Once you've set up a machine to accept remote connections, follow these steps on the client side to connect to that computer remotely:

  1. Start Remote Desktop Connection (mstsc.exe).

  2. The default Remote Desktop Connection dialog is very simple, with only a single field. This typically will not be adequate, however, so click Options to display the full dialog, shown in Figure 7-16.

    Figure 7-16. Use Remote Desktop Connection to initiate a connection to another computer and view and interact with its desktop as though you were sitting in front of it


  3. If you're connecting to another computer in your workgroup, type the name of the computer in the Computer field, or if you're connecting to another computer on the Internet, type its IP address here.

  4. Next, type the User name and Password of a valid user account on the remote computer. The Domain field is only used if you're connecting to a computer in a Windows NT/2000 domain; leave it blank otherwise.

  5. If you're connecting to someone else's computer, you'll have to get their IP address, plus the username and password of an account on their computer (see Chapter 8).

    The easiest way to get someone else's IP address is to ask them to visit http://www.annoyances.org/ip, and then have them read aloud the numbers on the page or email them to you. This is usually easier (and more foolproof) than other methods, such as using the Network Connections window or typing ipconfig at the Command Prompt.


    Finally, you can have the remote user send you an invitation using Remote Assistance, described in the Using Remote Assistance sidebar. When you receive your invitation via email, it will come with a file attachment, rcBuddy.MsRcIncident, which you can double-click to initiate a connection to the sender's computer.

  6. The rest of the options in this dialog are optional. The settings in the Display and Experience tabs deal with performance issues, and the Programs tab lets you start programs on the remote computer automatically. The Local Resources tab has similar options, plus a Local devices section, which lets you share remote drives, printers, and even serial ports.

  7. If you plan on reconnecting to the remote computer at a later time, click Save As to create an .rdp file with all the information in this dialog. You can subsequently double-click the file to initiate a connection, or right-click and select Edit to modify its properties.

    Keep in mind that many users' Internet connections use dynamic-IP addresses, explained earlier in this chapter, which would mean that saving someone's IP address would be pointless.


  8. Click Connect to initiate a connection to the remote computer. If all is well, a window will appear with an image of the desktop of the remote computer. You can interact with this desktop by pointing, clicking, and dragging, just as if you were sitting in front of it.

  9. Simply close the window or go to Start 7.4.3.3 Notes

    Since Windows can only have one user logged in at a time, as mentioned at the beginning of this section, the user currently logged in to the remote computer will be automatically logged out to make way for the remote connection. This poses a significant problem if you wish to use the remote computer with its owner watching. VNC, described below, overcomes this limitation.

    The Telnet service (enabled through services.fmsc) does allow multiple users to log on to a single Windows XP machine simultaneously. But since Telnet is little more than a Command Prompt window accessed remotely (via telnet.exe), it doesn't allow you to control any Windowed applications.


    As suggested in the final step, above, a new item will appear in the remote computer's Start Menu, Disconnect. This takes the place of the Shut Down (or Turn off Computer) command normally found here. A consequence of this is that there's no obvious way to shut down a remote computer; this is obviously done intentionally, since a shut-down computer will not accept remote connections. To shut down a remote computer, open a Command Prompt window (cmd.exe) on the remote machine, and type:

    shutdown -s -t 5

    where 5 is the number of seconds to wait before shutting down; specify 0 here to shut down immediately.

    It's helpful to have the resolution of the remote desktop lower than the resolution of the local desktop. That way, you'll be able to see the entire remote desktop and still be able to use the local computer's desktop. For example, if you're using a computer with a display resolution of 1280 1024, set the remote desktop to no more than 1024 768. Use the Display tab of the Remote Desktop Connection dialog to set the desktop size; note that this setting will have no effect on the remote computer's normal desktop size.

    As nice as it would be to drag files into (and out of) the Remote Desktop window to transfer them, the Remote Desktop feature doesn't include any provision for transferring files. Instead, you'll need to use more traditional means of transferring files. If the remote computer is on your own LAN, you can drag and drop files right in Windows Explorer, as described in Chapter 8. Otherwise, if you're connected to the remote computer over the Internet, you'll either need to set up VPN to mimic a workgroup (described earlier in this chapter) or use FTP.

    7.4.3.4 Alternatives to Remote Desktop Connection

    Remote Desktop Connection is not your only choice when it comes to controlling a computer remotely. Since it's built into Windows XP, though, it's obviously a very convenient and cost-effective solution; if you want more flexibility or if you want to control (or be controlled by) a PC running a different operating system, you may wish to use a different program.

    Although there are several commercial alternatives available, one of the best is a free program called VNC, available from http://www.realvnc.com/. Among other things, VNC has the advantage of a very small "viewer" executable. That is, the client software, used on the remote system to access the host, is only a single file, small enough to fit on a floppy. This makes it easy to carry it around with you and run it on any machine you come across with an Internet connection.

    One of the drawbacks of Windows's Remote Desktop feature is that the person whose computer is being controlled won't be able to see their own desktop during a Remote Desktop session. VNC, on the other hand, runs transparently on the host computer, so that both people can see and interact with the same desktop simultaneously.


    VNC also works on any version of Windows, Macintosh, UNIX, Linux, or FreeBSD, in addition to good ol' Windows XP. Someone has even made a Palm-based client (http://www.btinternet.com/~harakan/PalmVNC/), allowing you to control a remote computer from an Internet-enabled handheld device!

    Otherwise, the system requirements are basically the same as Remote Desktop, described earlier in this section. You'll still need the remote computer's IP address, and some way of logging in to the remote computer. VNC has its own user-authentication system, while others such as pcAnywhere (http://www.symantec.com) use existing Windows user accounts.

    Windows XP's Remote Desktop feature, when enabled, will remain enabled even if the computer is restarted. But third-party programs must be specifically configured to start automatically with Windows, in case the computer crashes or the power goes out. If the software you're using has an option to be started as a "service" (accessible in services.msc), you'd be wise to use it rather than adding it to your Start Menu's Startup folder. (VNC has such an option.)

    If you run into a problem getting Remote Desktop or VNC working through a firewall, proxy, or router, or you simply need to get a connection up and running fast, you have another option. GoToMyPC (http://www.gotomypc.com) is a web-based service that tends to work when the others fail. Short sessions are free; longer sessions require a paid subscription.

    7.4.4. Managing the Nameserver (DNS) Cache

    As mentioned a few times elsewhere in this chapter, a nameserver is a machine that translates IP addresses to domain names and back again. For example, when you type http://www.oreilly.com into your web browser's address bar, Windows sends a request to your service provider's nameserver, and the nameserver responds with something like 209.204.146.22, allowing your browser to contact the web server directly and download the requested page.

    Each time such a DNS (Domain Naming System) lookup is performed, the information is stored in the DNS cache so Windows doesn't have to query the nameserver every time you access a page on that site. The DNS cache is emptied when you shut down Windows.

    The following solutions allow you to change the way Windows interacts with its DNS cache, and will affect all applications that access the Internet (not just your web browser).

    7.4.4.1 Part 1: Increase the size of the DNS cache

    A larger DNS cache will mean fewer trips to the nameserver, and faster overall performance:

    1. Open the Registry Editor (see Chapter 3).

    2. Expand the branches to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters.

    3. Add the following four DWORD values by going to Edit Decimal option:

      • CacheHashTableBucketSize, set to 1

      • CacheHashTableSize, set to 384

      • MaxCacheEntryTtlLimit, set to 64000

      • MaxSOACacheEntryTtlLimit, set to 301

      Remember, these are Decimal values (not Hexadecimal values).

    4. Close the Registry Editor when you're done. You'll have to restart Windows for this change to take effect.

    7.4.4.2 Part 2: Add a permanent entry to the DNS cache

    When you add a permanent entry to the DNS cache, it will always override the information provided by the nameserver. Here are a few reasons why you might want to do this:

    • If a nameserver gives the wrong address for a domain or provides no information at all, you can still access the domain if it's listed as a permanent entry.

    • A permanent entry with intentionally incorrect information will block requests sent to the corresponding servers. This can be an effective way to prevent some web sites from tracking you, stop some "spyware" software from recording your personal information, and even stop some pop-up ads when you visit web pages. A list of known "tracking" hosts can be downloaded from http://www.accs-net.com/hosts/.

    • If you frequently access a particular server, and you know its IP address isn't likely to change anytime soon, you can add a permanent entry to eliminate the initial delay as Windows looks it up. For example, add an entry for your mail server to decrease the time it takes to check your email.

    • If you frequently visit a remote server without a domain name (accessing it only by its IP address), you configure a custom domain name, for your use only, to be used as a kind of "shortcut" to the server.

    Providing incorrect information here can prevent you from accessing certain remote servers. Use care when modifying the permanent DNS entry table. Coincidentally, some malware (see Chapter 6) adds entries to your DNS cache, such that you'll be intentionally redirected to the wrong server when you try to visit some web sites.


    Here's how to create and modify the list of permanent DNS entries:

    1. Open Explorer, and navigate to the \windows\system32\drivers\etc folder.

    2. Look for a file called hosts (no filename extension). If it's not there, create it by going to File

      The hosts file is just a plain-text file; open it in your favorite text editor (or Notepad).

    3. A standard entry looks like this:

      207.46.230.218   www.microsoft.com

      The first part is the IP address, and the second part (separated by a tab or several spaces) is the domain name.

      Keep in mind that variations, such as www.microsoft.com and microsoft.com, aren't necessarily the same server, and represent different DNS entries. You'll need to add a separate hosts entry for each variation if you want to access them all, like this:

      207.46.230.218   www.microsoft.com 207.46.230.218   microsoft.com

      Using this syntax, add an entry for each domain you wish to hard-code into Windows's DNS table. Note that these addresses affect your machine only; other machines, such as those in your workgroup or others on the Internet, will not be affected.

    4. You may also see some lines that begin with the # character. These are comments, and are ignored by Windows.

    5. Save the hosts file when you're done. The change should take effect immediately.

    The next time you type one of the web addresses listed in your hosts file, Windows will use the IP address you've specified instead of contacting the DNS server.


    Previous page
    Table of content
    Next page
    Windows XP Annoyances For Geeks
    Fixing Windows XP Annoyances
    ISBN: 0596100531
    EAN: 2147483647
    Year: 2003
    Pages: 97
    Authors: David A. Karp
    BUY ON AMAZON
    Project Management JumpStart
    Certified Ethical Hacker Exam Prep
    Cisco Voice Gateways and Gatekeepers
    Programming Microsoft ASP.NET 3.5
    Pocket Guide to the National Electrical Code(R), 2005 Edition (8th Edition)
    Python Programming for the Absolute Beginner, 3rd Edition
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy