This page has been robot translated, sorry for typos if any. Original content here.

Windows XP Remote Management

Windows XP Professional has a built-in tool for remote computer control. You can from any premises in which place to eat another computer with any version of Windows (at least 95 OSR2) also a modem or the Internet, own full access to the desktop of your family computer, if it is connected to the network.
For the source, we need to enable the use of remote control. Moving to the "Control Panel -> System -> Remote Sessions" we also enable "Allow remote access to this computer" there.

In principle, the computer is now ready for remote control. However, you need to somehow find it on the Internet. If your ISP provides an external static IP address, then there is no problem. However, many providers (in particular, Stream) provide an external dynamic IP address - it is different once, and after a few hours your ancient IP may already belong to someone else. To solve this problem, there are numerous DynDNS services - they give you a domain name that will point to your IP, non-stop track and also update your IP changes. In particular, you can eat such a gratuitous favor on No-IP.com, where you can create your computer some third-level domain on the Internet, for example, mycomputer.no-ip.com. There blah blah is allowed to download the customer - No-IP dynamic update client, which will non-stop contact with the No-IP.com service and check / update your IP. I will not talk about the settings of this customer in any way, but I can advise you not to change its settings in any way, besides the parameter "When updating via NAT / Router / Proxy address ONLY ...", which is better to set to "every 5 minutes".
Now, it is allowed to find a computer via the Internet. However, it is still necessary to establish a connection with him. If for example you have an ADSL-LAN modem, or just NAT, then you need to configure the "Port Forwarding" function for TCP port 3389 on NAT (remote management works on it).

Also, in the firewall you need to allow TCP port 3389 to enter. I'll tell you about the Windows XP OS firewall sample (which appeared in another service pack). We go to the tab “Exceptions” and there we enable the program “Remote Desktop Control” (Fig. 2), then we make our way to the tab “Advanced” and there we also enable the service “Remote Desktop Control” in the network connection parameters (Fig. 3). For the Agnitum Outpost v.2.5 firewall, you need to find svchost.exe in the "Options -> Applications" menu, then use "Change -> Edit Positions -> Create" to create the position.

Now let's deal with the client side. The customer for remote control is natively built into Windows XP. You can also find it in "Start -> Programs -> Accessories -> Union -> Remote Desktop Connection". If you will be managing remotely from an earlier version of Windows, you will need to install the customer (it can be taken on the Microsoft website or went to copy the files mstsc.exe and mstcsax.dll from the directory c: \ windows \ system32 \ of the installed Windows XP.

So, we are starting a connection. Establish a connection with the Internet, also start the customer ("Start -> Programs -> Accessories -> Union -> Remote Desktop Connection" or just mstsc.exe). Press the "Parameters" button to gain access to additional settings (Fig. 5), in order to proceed to the client settings. "Computer" is the address of your computer on the Internet. Here you must specify either a static IP address, or, for example, the previously mentioned dynamic domain such as mycomputer.no-ip.com.
A “user” is usually Administrator or any of the administrator accounts existing on the managed computer. On the “Screen” tab, it is allowed to adjust the size of the customer’s window (I do not recommend setting more than 800x600). To optimize the work of a remote customer on modem lines, it is similarly desirable to disable the "Sound on a remote computer" mode, which is located on the "Local Resources" tab. Are you done? Great, connect.

I note that when you establish a remote control session, local access on the remote machine will become blocked at once - a request for a name and password will also appear. After the end of the session, the computer will remain in locked mode until it is unblocked in any way by entering the password locally as well.

Well that's all. I will add another significant security recommendation - do not make passwords for administrator accounts (they are at least a couple of them in Windows XP — the Administrator created during installation is also yours) shorter than ten characters — otherwise, attackers can pick it up.