Paranoid PC Anywhere

If you are like most administrators, sooner or later you end up needing remote access to a server(s) to either fix a problem or finish an install. How to do this without leaving your hosts open to every script kiddie and weekend hacker is the question I hope to answer. The best solution for remote access is obviously to have someone available to initiate the session and not to leave it open 24x7. For some situations, full time access is a requirement. The question is, then 'How do I secure my systems from the bad guys?'. This paper will deal with host mode configuration on an Windows NT 4 Server or workstation system. We will assume you have taken all the other recommended steps to properly lock down your server from unwanted access by reading the current bulletins applying the latest service packs and hotfixes http://www.microsoft.com/technet/security/current.asp disabling the guest account renaming the administrator account removing remote access applying correct permissions to the registry etc. and all the other issues commonly addressed in various white papers and checklists.