![]() In a client-server architecture, you can use telnet to make sure that no firewalls in between are blocking incoming connections to the server. All information exchanged in a telnet session between a client and server is unencrypted and, for this reason, in the last years this application has been replaced by SSH, which provides the same type of service, but encrypted, as it’s based on the Secure Socket Layer (SSL) protocol.Īlthough telnet has become obsolete for remote administration purposes this application is still widely used to verify connectivity to remote services that are based on TCP. By default, a telnet server listens on port 23 for incoming connections from clients. This application is based on the connection-oriented Transmission Control Protocol (TCP). Network and system administrators use this application to configure and administer network devices such as servers, routers, switches, etc. In my opinion, RDP is no less secure than a wide-open SSH port into a server - in either case, the traffic is encrypted, but if you have the login/password (assuming you're not using certificates) you can pwn the server.Telnet is an application that is used to connect to a remote host’s command line terminal interface. To allow those servers to be managed (and also the Full Server 2008 installations), Microsoft provides the Remote Server Administration Tools for Windows 7 which essentially gives you a GUI on your desktop to control most aspects of the server:Īs a side note, I am aware of several reputable hosting providers (including Rackspace) that by default support remote administration via a wide-open RDP port. Windows Server 2008 added support for the "Core" server installations - which essentially give you little or no GUI for configuring the server, aside from very basic things like setting the IP and adding it to a domain. UI tools and interactive desktop could be crudely automated using AutoIT or something similar - if you really want to push it into the absurd ^^ If you must do that, then there's something wrong (and yes, things sometimes wrong so nothing wrong with that, pun not intended) that you're fixing while doing it. In my opinion, using Remote Desktop to a Windows Server is out-of-the-ordinary. Using Remote Desktop you get an interactive session to the server which can be configured to be as secure as any SSH solution or whatnot. If you install the RSAT features on a Vista or Windows 7 desktop you will get most of the standard UI tools to manage AD, infrastructure, replication, Hyper-V and so on with no need whatsoever to open an interactive session with the servers in question. ![]() Most if not all administrative tools you find on a Windows machine can connect remotely to another Windows host for ad-hoc management. Microsoft System Center series is probably the most well-known but the other big ones I hope someone can edit in here. Management suitsĪny decent management solution will let you handle thousands of Windows hosts with a few clicks in a comfortable client tool. Seems one of the more popular options - tools like psexec or 3rd party SSH servers are all available if that floats your boat. Not enabled by default (not even the client, thankfully!) but can be if you want to. As far as I recall, WinRM can be installed on XP and 2003 machines as well - and it can be used to manage other platforms which implements WS-Management, like Linux running OpenWSMan. Since Server 2008/Vista you have Windows Remote Management which is Microsofts implementation of the open web service standard WS-Management which uses SOAP and thus can be protected with TLS/SSL and a number of authentication options.ĬMD and Powershell can invoke WinRM to execute stuff on remote machines so it's easily scriptable. If you stumble upon something that cannot be done from the command line, there's bound to be a 3rd party tool to do it - or you could roll your own given the knowledge of what to actually poke at on the system (generally application-specific files or registry settings). Using Powershell (which currently excludes Server Core) even more options are available like an Add-Computer cmdlet for joining a machine to the domain with additional options over the old netdom. ![]() There's netsh to manage network interfaces and the firewall for instance, and appcmd to handle an IIS instance. There is basically nothing you cannot configure using the command line in Windows these days.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |