Windows Vista : Internet Me (part 3) - Control Your PC Remotely,Manage the Nameserver Cache

5. Control Your PC Remotely

A network is good for much more than simply transferring data. Although Windows does let you transfer files to and from other computers in Windows Explorer , it's a far cry from actually sitting in front of the PC on the other end.

Enter the Remote Desktop feature, included with the Windows Vista Business and Ultimate editions (lesser editions can only use the feeble Remote Assistance feature described later in this section). Remote Desktop lets you view and interact with the desktop of a PC in a window, as though you were sitting in front of it.

There are almost limitless uses to this technology; a few examples include:

• Do you travel frequently, yet prefer to use a desktop (non-portable) computer at home? Rather than duplicating all your programs, documents, and settings on a second laptop, just use Remote Desktop to connect to your home PC from the road, and access your applications and data as though you're sitting at your own desk.

• Do you need to access your work documents and programs while you're at home, or access your home documents and programs while you're at work? Use Remote Desktop together with VPN  to bridge the link and stop worrying about carrying so much stuff back and forth to work every day.

• Are you the person whom family members and friends call with their computer problems? Instead of spending hours on the phone, trying to explain to them how to fix their computers, just connect with Remote Desktop and fix the problem yourself in minutes.

• Do you administer several computers in different locations? Rather than having to go to the other side of the building (or the other side of the state) to access another employee's PC, use Remote Desktop and get it done in a fraction of the time.

• Are you a software developer? If you need to test your software on different operating systems or platforms, it simply isn't practical to use a multiboot computer; you'll just spend all your time rebooting. Instead, set up a second (or even third) computer with the necessary test environments, and then control them remotely right from your development machine.

  
  

First of all, you'll need a relatively fast connection to use any remote control software like Remote Desktop, since a lot of data is transferred to update the screen image. For example, a direct Ethernet (LAN) connection will provide nearly instantaneous responsiveness, while a DSL or cable connection will be more sluggish.

Next, Remote Desktop isn't included with Windows Vista Home (Basic or Premium), and won't work with Macs or Linux PCs, so you'll need one of the alternatives mentioned later. The good news is that you can control any Windows XP or Windows 2000 PC with Remote Desktop.

5.1. Part 1: Enable the Remote Desktop server

Allowing others to connect to a computer with Remote Desktop is relatively easy. Use these steps to set up your own PC, or read them over the phone if you're trying to connect to someone else's PC:

1. Open Control Panel, go to System, and then click the Remote settings link on the left side.

2. Vista offers two levels of access. If you know you'll be using Windows Vista to access this PC, select Allow connections only from computers running Remote Desktop with Network Level Authentication. Or, if you'll need to access this PC from an older Windows XP or Windows 2000 machine, use the Allow connections from computers running any version of Remote Desktop option.

   Network Level Authentication (NLA) is also known as Terminal Services Client 6.0. To use NLA with Windows XP or Windows Server 2003, install the update available at http://support.microsoft.com/kb/925876.

   
   

3. By default, all active administrator-level users can connect to your PC when Remote Desktop is enabled. If you wish to grant access to a lesser user account, click Select Users. 

4. Click OK when you're done; the change will take effect immediately.

5. Next, if you're using a router, you'll have to set up your router's port forwarding feature to permit the incoming connection. (This step, of course, is not necessary if you're connecting from another PC on your local network.)

6. To do this, you'll first need to assign a static IP address to your PC.

7. Next, open your router's setup page  and navigate to the "Port Range Forwarding" page, which should look something like the one in Figure 8. Here, fill out the first blank line as follows:

   
   

   Application

   This is just a description; type Remote Desktop here.

   
   

   Start

   Type 3389, the TCP port number used by Remote Desktop. 

   
   

   End

   Type 3389 here, too.

   
   

   Protocol

   Choose TCP.

   
   

   IP Address

   Enter the static IP address you chose for your PC.

   
   

   Enable

   Place a checkmark in this box to permit this service.

   Click Save Settings when you're done.

   Figure 8. To control a PC across an Internet connection, you'll need to permit the incoming signal by going to your router's Port Range Forwarding page

   

8. If you're connecting to this PC from another PC on your network, all you need is this PC's computer name. In Control Panel, open System and then click the Change settings link in the middle of the page; use the name under Full computer name (not Computer description).

   Or, to access this PC from another PC elsewhere on the Internet, you'll need the true IP address of this PC's Internet connection. Just open a web browser, navigate to http://annoyances.org/ip/, and record the number displayed.

5.2. Part 2: Connect to a remote computer

Once you've set up a machine to accept remote connections, follow these steps on the client side to connect to that computer remotely:

1. Start Remote Desktop Connection (mstsc.exe).

2. The default Remote Desktop Connection dialog is very simple, with only a single field. This typically will not be adequate, however, so click Options to display the full dialog, shown in Figure 9.

   Figure 9. Use Remote Desktop Connection to initiate a connection to another computer and view and interact with its desktop as though you're sitting in front of it

   

3. If you're connecting to another computer in your workgroup, type the name of the computer in the Computer field, or, if you're connecting to another computer on the Internet, type its IP address here. Use the information you got in the final step of Part 1 earlier in this section.

4. Next, type the User name and Password of a valid user account on the remote computer. (The Domain field is only used if you're connecting to a computer in a Windows Server domain; leave it blank otherwise.)

5. The rest of the options in this dialog are optional. The settings in the Display and Experience tabs deal with performance issues, and the Programs tab lets you start programs on the remote computer automatically when you connect. The Local Resources tab has similar options, plus a Local devices section, which lets you share remote drives and printers.

6. If you plan on reconnecting to the remote computer at a later time, click Save As to create an .rdp file with all the information in this dialog. You can subsequently double-click the file to initiate a connection, or right-click and select Edit to change its settings.

   If the remote PC you're connecting to uses a dynamic IP address, it won't do much good to save the connection settings. See the upcoming Remote Desktop tips for workarounds if you need to access this PC consistently.

   
   

7. Click Connect to initiate a connection to the remote computer. If all is well, a window will appear with an image of the desktop of the remote computer. You can interact with this desktop by pointing, clicking, and dragging, just as though you are sitting in front of it.

8. Simply close the window or open the remote Start menu and select Disconnect to close the connection. Or, for better security and to relinquish control to someone sitting at the remote PC, select Log Off instead.

5.3. Tips for Remote Desktop

Here are some ways to improve your experience with Remote Desktop:

Shut down remotely.

You'll see in the remote Start menu that the Shut down button is gone, with Disconnect in its place. This is obviously done intentionally, since a shut-down computer will not accept remote connections, but it does make it more difficult to actually shut down or restart the remote PC. To shut down a remote computer, click an empty area of the desktop and press Alt-F4. Or, open a Command Prompt window and type:

shutdown -s -t 5

where 5 is the number of seconds to wait before shutting down; specify 0 here to shut down immediately.

Want an audience?

When you connect to a remote PC, anyone currently logged in to that computer will be unceremoniously logged out to make way for your remote connection. This poses a problem if you wish to use the remote PC while its owner watches. The Remote Assistance feature, described in the "Using Remote Assistance" sidebar, next, as well as VNC, described below, both overcome this limitation.

Using Remote Assistance The Remote Assistance feature is optional, but can make it easier for less experienced users to transmit the required information to the person who will be accessing her computer remotely, including the IP address and user account. On the PC to be controlled, open Control Panel, go to System, and then click the Remote settings link on the left side. Turn on the Allow Remote Assistance invitations to be sent from this computer option, and then click the Remote Assistance link in this window to open the Remote Assistance dialog (or launch rcimlby -launchra). Here, you have the option of using Windows Messenger (Microsoft Live/Passport account required) or your default email program (set in Control Panel → Internet Options → Programs tab) to send the invitation. When asked to type a personal message, just leave it blank. You can also choose a special password for the person connecting to your computer, which is useful if you don't want to give the remote user your normal password. Since these "invitations" can be a security hazard, there are two safeguards in place to automatically disable the feature after a specified amount of time. In the Remote tab of the System Properties window, click Advanced to disable the feature completely after a few days. Plus, when sending an invitation, you can configure it only to expire an hour or two after being sent.

Keep it windowed.

While you can have your Remote Desktop session fill your screen, it makes things simpler to have it in a window you move around. To do this, set the resolution of the remote desktop lower than the resolution of the local desktop. For example, if you're using a computer with a display resolution of 1280 × 1024, use the Display tab of the Remote Desktop Connection Properties window to set the remote desktop to no more than 1024 × 768. (Note that this setting will have no effect on the remote computer's normal desktop size.)

Share files, too.

As nice as it would be to drag files into (and out of) the Remote Desktop window to transfer them, the Remote Desktop feature doesn't include any provision for it. Instead, you'll need to use more traditional means of transferring files. If the remote computer is on your own LAN, you can drag and drop files right in Windows Explorer. Otherwise, if you're connected to the remote computer over the Internet, you'll either need to set up VPN to mimic a workgroup in order to access that PC's shared folder, or use FTP.

Control Vista Home, Macs, Unix, etc.

Remote Desktop Connection is not your only choice when it comes to controlling a computer remotely. Although there are several commercial alternatives available, one of the best is a free program called VNC. There are actually several derivations of VNC floating around the Web, but one of the best is TightVNC, available at http://www.tightvnc.com/. Among other things, VNC has the advantage of a very small "viewer" executable that doesn't even need to be installed on the client PC, and there's a version available for almost every platform (even Palm OS). It also lets both the person sitting in front of the PC and the person controlling it remotely view the desktop and even interact simultaneously.

Remote Desktop, when enabled, will remain enabled even if the computer is restarted. But third-party programs must be specially configured to start automatically with Windows in case the computer crashes or the power goes out. VNC, for instance, has an option to be started as a "service" (accessible in services.msc), which is much more reliable than a mere icon in the Start menu's Startup folder.

Punch through any firewall.

If you run into a problem getting Remote Desktop or VNC working through a firewall, proxy, or router, or you simply need to get a connection up and running fast, try GoToMyPC (http://www.gotomypc.com). It's a web-based service that tends to work when the others fail. Short sessions are free; longer sessions require a paid subscription.

6. Manage the Nameserver (DNS) Cache

A nameserver (or DNS) is a machine that translates IP addresses to domain names and back again. For example, when you type http://www.oreilly.com into your web browser's address bar, Windows sends a request to your service provider's nameserver, and the nameserver responds with something like 209.204.146.22, and your browser can contact the web server and download the requested page.

Each time such a DNS (Domain Naming System) lookup is performed, the information is stored in the DNS cache so Windows doesn't have to query the nameserver every time you access a page on that site. The DNS cache is emptied when you shut down Windows, which is why it can take a little longer to find web sites just after you've booted up.

The following two solutions allow you to change the way Windows interacts with its DNS cache, and will affect all applications that access the Internet (not just your web browser).

6.1. Part 1: Increase the size of the DNS cache

A larger DNS cache will mean fewer trips to the nameserver and faster overall performance:

1. Open the Registry Editor .

2. Expand the branches to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters.

3. Add the following four DWORD values by going to Edit → New → DWORD Value. Then, enter the numeric values specified by double-clicking and selecting the Decimal option:

   • CacheHashTableBucketSize, set to 1

   • CacheHashTableSize, set tot 384

   • MaxCacheEntryTtlLimit, set to 64000

   • MaxSOACacheEntryTtlLimit, set to 301

   Remember, these are Decimal values (not Hexadecimal values).

4. Close the Registry Editor when you're done. You'll have to restart Windows for this change to take effect.

6.2. Part 2: Add a permanent entry to the DNS cache

When you add a permanent entry to the DNS cache, it will always override the information provided by the nameserver. Here are a few reasons why you might want to do this:

It's a quick and dirty workaround.

If a nameserver gives the wrong address for a domain or provides no information at all, you can still access the domain if it's listed as a permanent entry.

It puts a stopper in spyware.

A permanent entry with intentionally incorrect information will block requests sent to the corresponding servers. This can be an effective way to prevent some web sites from tracking you, some "spyware" software from recording your personal information, and even stop some pop-up ads when you visit web pages. A list of known "tracking" hosts can be downloaded from http://www.accs-net.com/hosts/.

It improves lookup performance.

If you frequently access a particular server, and you know its IP address isn't likely to change anytime soon, you can add a permanent entry to eliminate the initial delay as Windows looks it up. For example, add an entry for your mail server to decrease the time it takes to check for mail.

It's a shortcut for the lazy.

If you frequently access a remote server without a domain name (rather than only by its IP address), you can configure a custom domain name, for your use only, to be used as a kind of "shortcut" to the server.

Providing incorrect information here can prevent you from accessing certain remote servers. Use care when modifying the permanent DNS entry table.

Here's how to create and modify the list of permanent DNS entries:

1. Open Explorer and navigate to the C:\Windows\System32\Drivers\etc folder.

2. Look for a file called hosts (no filename extension). If it's not there, create it by going to File → New → Text Document, and typing hosts for the filename.

3. The hosts file is just a plain-text file; open it in your favorite text editor (or Notepad).

4. A standard entry looks like this:

   207.46.230.218   www.microsoft.com

   
   

   The first part is the IP address, and the second part (separated by a tab or several spaces) is the domain name.

   Keep in mind that variations like http://www.microsoft.com and http://microsoft.com aren't necessarily the same server, and represent different DNS entries. You'll need to add a separate hosts entry for each variation if you want to access them all, like this:

   207.46.230.218   www.microsoft.com
   207.46.230.218   microsoft.com

   
   

   Using this syntax, add an entry for each domain you wish to hardcode into Windows' DNS table. Note that these addresses affect your machine only; other machines, such as those in your workgroup or others on the Internet, will not be affected.

5. You may also see some lines that begin with the # character. These are comments, and they are ignored by Windows.

6. Save the hosts file when you're done. The change should take effect immediately.