Accessing Remote Desktop Protocol through a VPN

devavictrix

Honorable
Nov 30, 2014
55
0
10,640
I have a cryptocoin mining rig whirring away at a remote location and want to access it over the internet using Remote Desktop built into Windows. I have managed to do this by logging into the mining rig's router and forwarding the Remote Desktop Protocol port (3389) to the private IP. In effect, any traffic to my public IP through port 3389 will be directed to the mining rig's private IP, and being on port 3389 it will be accessible by the Remote Desktop client. When I start Remote Desktop on my desktop all I have to do is type in my public IP followed by "3389".... xx.xxx.xxx.xxx:3389. It asks for the mining rig's user credentials and I'm in.

I have read that the downside to doing this is that my mining rig is open to the internet through port 3389. If you know my public IP (it's "public" after all!) and the default RDP port number (everyone can learn that it's 3389) then you just need my username and password. I have of course made the password strong but I don't know if this is enough to make my mining rig secure. Well, it isn't!

I have also read that if I setup my mining rig as a VPN server it can improve security. I have read enough so that I can set this up but I'm not convinced it will be any more secure. Please can somebody explain to me how it may be more secure?

My understanding of setting up the mining rig as a VPN server is this... Instead of opening up my mining rig to the internet through the RDP port I will be creating a VPN and opening this up to the internet. Windows uses the point-to-point tunnelling protocol (PPTP) for a VPN and this uses port 1723. Now I would connect to the remote router/VPN/mining rig using my public IP and port 1723. Once I have connected to the VPN I am effectively hardwired to the VPN so that I can then access the mining rig. I now don't have to forward traffic from port 3389 to my mining rig's private IP.

I'm confused about the "increased security" because although the mining rig isn't open to the internet the VPN is. Once you have connected to the VPN (do you just need the public IP and port number to do this??) you then only need the users username and password to access the mining rig. It seems to me the process of accessing the mining rig is pretty well the same. You just need the public IP and username and password, albeit through a different port and protocol. I could change the port number for the VPN to something different to the default but that's just moving the goalpost (slightly).

I am aware of third-party software such as Teamviewer but for the time being I'd like to persevere with Remote Desktop. I don't like installing software (!, I keep it to a minimum) and I already have something that does the job. I just want to use it more securely.

Any help/advice would be very much appreciated.

Thanks
 
Solution
VPN tunneling makes the connection between where you are (sitting in Starbucks having a Latte using the Starbucks Wifi) to where the Miner is (sitting in the apartment in Los Angeles) secure from anyone ever snooping on the 'connection' between your computer and the Miner. That makes the connection secure, because even if someone were a 'man in the middle' faking the Starbuck$ Wifi name (spoofing) and you were on it, they couldn't "see" what you're doing no matter what.

That said, otherwise I see your issue, where the 'connecting end' (Miner point) is where you're worried about someone breaking the simple name and password authentication. Well, there are several ways around this and it all depends on how far you want to go and invest in things.

First I would NOT suggest the MINER be EVER directly attached to the Internet, in any way. Your first layer of protection is being behind the Router and its Firewall. This first step prevents the 'passing by' or drive-by attacks (think locks on the door of a house). Secondly, the Internal Network IP setup (192.168.x.x) ensures that even if the router is attacked from the Internet (39.127.43.230) it can't "see" nor access the internal IPs, like that of the Miner. Now if you wish to enable or configure the ROUTER to use VPN (smart and most common method) then from there you connect (now you're Virtually part of the Network like you were sitting next to the Router and Miner) via RDP (smart and most common method), you would then have a TWO STEP methodology which is incredibly hard to break (given both use different usernames and passwords).
In addition, most 'servers' with a Web Interface have basic SECURITY setups, normally inclusive of a monitoring element, i.e. SEND an EMAIL each time someone logs in, or record the IP of the connections, etc. You would need to look into the details on both the Miner and the Router for these functions. Technically every time someone 'logs into' either one, you could send it to your cell phone (telephonenumber@yourserviceprovider) so you automatically know when someone is 'logging in', as telephone numbers are able to receive emails.
Now you COULD invest in a TOKEN KEY System. This is the ultimate way most HIGH SECURE access runs. You get a randomizing 'TOKEN' device you carry with you; you have to have it IN your hand to see the CODE it generates randomly like every 3-5 minutes, which is synched via GPS to the main 'authentication servers'. With your login ID you would include the token number and that would ONLY grant you access from the 'external' connection point (for VPN, or access to your Miner's Webpage).

Those are some ideas to consider.