How to Remove Remote Computer Access
Data Security First: How to Remove Remote Computer Access
Users, thinking about how to remove remote access to a computer in order to protect themselves from outside attacks, install third-party programs without even suspecting that the majority of all hacks are due to the standard windows settings. In the operating system, remote connections to the computer are allowed by default. Trying to facilitate the work of users, the windows developers included the ability to remotely configure and provide assistance. Such help is only suitable for large corporations that have a system administrator who can fix computer problems in seconds, while being in a different place. For home users, remote access can only facilitate the work of attackers who are eager to hack someone else’s system.
How to get to the remote access settings menu?
In just a few minutes, any user can independently remove remote access to a computer.
- For users working under the administrator account, the following steps must be performed sequentially. “Start”, select “Control Panel”. In the window that appears, select “System”.
- For users working under a different account or not owning account information, you need to open the “System” window with administrator rights. Click the “Start”, “All Programs”, “Accessories” button. Having found “Explorer” in the list, run “with administrator rights”. To do this, hold down the Shift button on the keyboard with one finger and click on the Explorer icon with the right mouse button. If the user works with the mouse with his left hand, it means that you need to click the left mouse button. In the list that appears, select the “Run as administrator” field. In the window that opens, on the panel on the left, find and by clicking on “” open the “Control Panel”, then “All Controls” and select “System”.
Disabling remote access in the system menu
Once in the system control, before removing remote access to the computer, you need to find the appropriate section. On the left in the panel, click “System Protection”. In the bookmarks bar at the top, select “Remote Access”. In the “Remote Assistance” section, uncheck the box next to “Allow connection.” In the “Remote Desktop” menu, set the checkmark next to “Do not allow connections.” Click “OK” and close all system windows. Restart your computer through the Start menu. After rebooting, you need to check whether the changes are saved in the system. To do this, re-enter the system properties and make sure that remote connections are not active. If nothing has changed, you need to carefully study the instructions on how to disable remote access, paying attention to obtaining system administrator rights.
Pitfalls of Virtual Private Networks
All windows users should make sure that the computer is not included in the virtual private networks, except in situations where the provider provides Internet services only through the virtual network, which is reported when connecting. It is necessary with administrator rights to open the “Control Panel” and select the “Network Control Center” item. Select “Change adapter settings.” Before removing remote access and windows 7 virtual private networks, you need to find out which connection is used to operate the Internet, otherwise you can cut off your access. If there is more than one connection in the list, it is better to disconnect first before uninstalling, select the “Disconnect” menu. If the shutdown did not affect the operation of the Internet, you can delete the icon.
Another loophole. Remote windows registry
Questions related to how to remove remote access to a computer are closed by banal disabling of the remote assistant, but few people remember about the remote registry. But if you think about it by connecting remotely to the registry, you can write any commands in it that, when the system reboots, will not only turn on the assistant again, but also cause additional damage to the computer. With administrator rights, in the control panel, select the “Administration” menu. “Computer Management.” In the left pane of the snap-in that opens, select “Services and Applications” and start “Services”. In the list of services, find “Remote registry” and click on the inscription with the right mouse button. Select properties. In the “Startup Type” field, select “Disabled”. Save and restart your computer through the “Start” button.
Disabling Remote Access Using the Command Line
Users who have become acquainted with the powerful command line tool windows will definitely be interested in how to remove remote access to a computer without unnecessary transitions between windows of the operating system. There are two ways: independent input of commands or using an executable file with the extension.Bat.
|net stop RemoteRegistry||stop the remote registry service|
|sc config RemoteRegistry start = disabled||disable remote registry service|
|net stop winRM||stopping the remote assistance service|
|sc config winRM start = disabled||disabling the remote assistance service|
|net stop RemoteAccess||stopping the remote connection service|
|sc config RemoteAccess start = disabled||disable remote connection service|
After each command, it is recommended to write pause in the executable file, because, without completing work with one service, the command is transferred to another service, which can cause an error in the system with a refusal to execute. If after disabling the necessary services there is no desire to restart the computer, you can immediately stop the service from the command line.
Windows 7 remote desktop
Remote desktop in windows 7, as its name implies. This is a service that allows you to connect to the desktop of a computer remotely over a network. If you think that only administrators need this feature, then you are mistaken. For ordinary users, Remote Desktop may also come in handy:
- If you need to use a program that cannot be installed at work. You can connect to a home computer on which programs are installed
- You forgot the document at home that you want to find on your computer. Of course, you can search for a document directly on the shared folder of your home computer, but there is one complication. Search on a remote folder, with a slow connection. Very inefficient.
- If you have your own servers. You can configure them from anywhere on the planet where there is Internet access.
In order to enable remote desktop in windows 7, you need to do the following:
Go to the Start menu. Right-click My Computer. Select Properties in the context menu.
In the window with system information that opens, on the right side, click Configure remote access.
You have opened the System Properties dialog box, Remote Access tab. Here, in the Remote Desktop section, you need to set the radio switch to the Allow connections to your computer position. There are two options for enabling Remote Desktop:
- Allow remote connection to your computer from any computer on which the Remote Desktop client is installed. This option is less secure, but you can connect from computers that do not have windows installed, such as Linux, or iOS.
- Another option is to enable remote desktop. This allows connections only to computers that use RDP with Network Level Authentication support, that is, windows 7 and newer.
I will include a less secure method, since I use Ubuntu Linux on my laptop, and you if you plan to use only windows 7 and newer. Use the second option.
If it is not possible to be physically near the computer, the connection to the remote desktop can be turned on remotely, namely by connecting the registry editor to the remote machine and changing the appropriate settings. This procedure is relevant for computers. Domain members.
After you turn on Remote Desktop, you can connect to it very simply. Remote desktop windows, makes it possible to connect not only to users of windows, but also other operating systems:
- Windows comes with Remote Desktop Connection (mstsc.Exe)
- On Linux RDP, the client needs to be installed, for example, Remmina, RDesktop, and many others.
To connect to the remote desktop from under windows 7, you need to open the Start menu. All programs. Standard. Connect to Remote Desktop, or type mstsc.Exe in the search bar.
In the Connect to Remote Desktop dialog box, in the Computer field, enter the Name or IP address of the computer on which you enabled Remote Desktop. Click the Connect button.
In the dialog box that appears, enter your username and password.
Please note: You need to enter the username and password of the user of the remote machine, and not the one with which you are connecting.
That’s all. You see the remote desktop and can work at the remote computer, as if you were sitting at it.
Another small remark. You may notice that Remote Desktop does not display all the visual effects of the desktop. This is due to the default settings for the Remote Desktop Client. If you work on the same local network and the connection speed is 100 megabits or more, you can change the settings. To do this, before connecting to the remote desktop, click the Show Settings button.
Then go to the Interaction tab and specify the speed of your network connection, in accordance with which the optimal parameters will be determined.
How to allow remote connection to a computer in windows 7 / 8.1 / 10
Turning on a remote computer connection is very simple. Start-Right-click on the icon my computer in windows 7 or This computer in 8.1, properties. Setting up remote access.
How to allow remote connection to computer-01 in windows 7-8.1-10
Set the Allow remote connection switch.
How to allow remote connection to computer-02 in windows 7-8.1-10
If desired, you can immediately add users or a group to whom this can be done, through the Select Users button.
How to allow remote connection to computer-03 in windows 7-8.1-10
In addition to the “classic” way to enable Remote Desktop support on a desktop computer with windows 7 or a server, you can do this:
In the registry key HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Terminal Server you need to add the fDenyTSConnections key of type dword with a value of 0.
The contents of the EnableRemoteDesktop.Reg file, which can be added to the computer configuration script, are below: windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Terminal Server] “fDenyTSConnections”= dword: 00000000
Nov 22, 2014 00:13 Ivan Semin
The standard windows tool for remote access via RDP within the local network
Windows has been providing remote access over the RDP protocol for a long time. Such a standard tool appeared in the version of windows NT 4.0, released in 1996. Or less functionally it was finalized in the windows XP version, and it was already completed as part of windows 7. Versions of windows 8 / 8.1 and 10 were inherited by RDP from windows 7 without functional changes.
Below we consider in detail the operation of remote access via the RDP protocol in versions of windows 7, 8.1 and 10.
1. Remote access via RDP
2. Password on the remote computer
3. IP address of the remote computer
4. Allow remote connections
5. Connect to a remote computer
6. Connecting to another remote computer account
7. Connection settings
1. Remote access via RDP
Connection via the RDP protocol is carried out between computers located on the same local network. This type of connection is intended primarily for IT professionals who service the computers of companies united in their production network. Without leaving their workplace, connecting remotely to the computers of enterprise workers, system engineers can solve problems that do not require intervention in the hardware of the machines and carry out preventive measures.
Connecting to a remote computer using the RDP protocol is also possible outside the local network, via the Internet. But this will require additional actions. Either forwarding port 3389 on the router, or combining with a remote computer in a single VPN network. In view of this, connecting to a remote computer via the Internet is much easier using other software tools that do not require unnecessary actions. This, for example, the standard windows utility “Remote Assistance” for providing computer assistance over the Internet. It works on the principle of sending an invitation file to a user who will provide computer assistance. Its more functional counterparts in the software market for windows are programs such as TeamViewer.
RDP is also used to connect to Hyper-V virtual machines. Remote connection via RDP can offer more options than the standard connection window for a regular hypervisor. The Hyper-V connection window does not provide audio playback in the guest OS, does not see the connected USB storage media, cannot offer more communication with the physical computer than pasting the text copied into it. While the RDP connection can provide the virtual machine with the visibility of various devices connected to the physical computer, a better picture of the guest OS desktop, work with sound, etc.
To connect via RDP, the remote computer must meet the following requirements:
- It must have a password account;
- The system must allow remote connections;
- If you do not want to change access data every time you connect with a constantly changing dynamic IP address, you need to assign a static IP address in the network settings.
Remote access is possible only on computers with editions of windows Pro, Enterprise or Ultimate installed. Home versions of windows (Home) do not provide remote access via RDP.
2. Password on the remote computer
If you are working with a Microsoft account on a remote computer, and instead of a long password, a short PIN code is used, when connecting via RDP, you must enter the same long password, not a four-digit PIN code.
If the remote computer uses a non-password-protected local account, and there is no particular need for a password, such as when connecting to Hyper-V virtual machines, you will have to create at least a simple password such as “777” or “qwerty”.
3. The IP address of the remote computer
When connecting via RDP, you will be required to enter the IP address of the remote computer. The internal IP address is visible in the network settings of the system. But in windows versions 7, 8.1 and 10, these are three different paths. On windows 7, this is a section of the control panel, and on windows 8.1 and 10, this is the Settings application with each organization inherent in each version. Therefore, we will recognize the internal IP address in a universal way suitable for each of these systems. Through the command line. The command line launch shortcut in windows 7 is available in the Start menu. In windows 8.1 and 10, the command line is launched from the context menu on the “Start” button.
In the command prompt window, enter:
After pressing Enter we get a summary of the data where the internal IP address will be visible.
4. Allow remote connections
Permission to remotely connect to windows systems is initially disabled as a rule. In any case, this applies precisely to licensed assemblies. The ability to connect via RDP on a remote computer is activated in the system settings. We need the “System” section. In the version of windows 7, it can be accessed by searching the Start menu. And in windows 8.1 and 10, the “System” section can be accessed from the context menu on the “Start” button.
You may be interested: We are looking for vulnerabilities in windows 10. We get money
Click “Configure Remote Access.”
In the system properties window, you need to set the option to enable remote connections active. The authentication option should not be removed. To apply the changes, click “Apply” below.
Such settings will open the path to a remote connection, but only for the administrator account. Users of regular accounts do not have the right to independently provide a computer for remote management. This right can be given to them by the administrator.
Below the option to allow remote connections is a button “Select Users”. Click her.
Next, click “Add.”
In the field below we enter the name of the user who is allowed to connect to it using the RDP protocol. For local accounts, this is their name, and for Microsoft accounts, this is the email address through which authorization occurs. Click OK.
That’s it. Now this user’s account will be accessed from any computer inside the local network.
5. Connect to a remote computer
All the necessary actions on the remote computer are done, go to the main computer from which the connection and control will be carried out. You can run the standard RDP connection utility by finding its shortcut using the search inside the system. In windows 7, this is a search on the Start menu.
In versions of windows 8.1 and 10, press WinQ.
A small connection window will appear. In the future, it will be possible to connect to remote computers using just such an abbreviated form. But for now, click “Show options.”
In the “Computer” field, enter the IP address of the remote computer. In the box below. “User”. Accordingly, enter the username. If a Microsoft account is connected to the remote computer, enter the email address.
If the computer is working with a regular local account, the user name must be entered in the format:
For example, DESKTOP-R71R8AM \ Vasya, where DESKTOP-R71R8AM is the name of the computer, and Vasya is the username of the local account.
Below the username there is an option to save authorization data on a remote computer. Connection Settings. IP address, username and password. You can save it as a separate.Rdp file and use it to open it on another computer. Click “Connect”, and then again “Connect” in a new window.
Enter the password for the remote computer account.
Click “Yes” in the certificate error window.
Next, the remote desktop will appear in the utility window. In the corner of the window on the left there is a menu where you can adjust the display in full screen or select a larger scale.
We will get more connection settings via RDP in the utility window initially, before the connection was established.
6. Connecting to another remote computer account
Below the column for filling in the username of the remote computer, if the “Always ask for credentials” checkbox is not selected, the options for deleting and changing access data are displayed. By clicking the “Change” option, in addition to the authorization form in an existing account of a remote computer, we will see the possibility of connecting to another account present on the same computer.
After entering a new username and password, the authorization data for a specific IP address will be overwritten.
7. Connection settings
In the opened window for connecting to a remote computer, we find tabs with customizable parameters. The first two relate to the convenience and functionality of remote access.
“Screen”. In this tab you can set the screen resolution of the remote computer, with this resolution the utility window will open after connection. If access is from a weak computer, you can set a low resolution and sacrifice color depth.
“Local resources”. Here in order to save system resources, you can turn off the sound on the remote computer. Or, on the contrary, you can also set up sound recording from a remote computer. In the column of local devices and resources, after clicking the “Details” button, we can, besides the active printer, select the devices of the main computer that will work on the remote computer. These are smart cards, separate sections of the hard drive, flash drives, memory cards, external hard drives.
An obstacle to using the RDP protocol may be its blocking by antiviruses. In this case, the operation of the RDP protocol must be enabled in the settings of anti-virus programs.
When working on the Internet, it is very important to ensure the security of your connection. The basis of computer security is based on the following basic principles: limited access to a computer, reliable storage of personal and especially important data, discipline when visiting Internet resources. In some cases, system settings allow other network users to control the computer, violating one of these principles. How to protect your computer by prohibiting remote access to it?
In order for other network users to not be able to control the computer, viewing the contents of disks, changing parameters and doing other manipulations, you need to change the system settings. However, in the event that the workplace is part of a local network with shared access to software and devices, the system may not work properly due to a change in settings. The same problems are possible when you need to connect to remote servers or computers.
The process of disabling remote access consists of successive steps:
Stage 1. Maintain a general ban
Performing this manipulation will disable the ability to connect other users to the desktop. For this, the built-in Windows function is used.
To do this, go to the system properties and select the remote access settings. In the window that opens, switch to the position that prohibits this connection. After that, be sure to click “Apply.”
Now, unauthorized users will not be able to perform actions on this computer, but, using the assistant, they can still view events. There is a risk, even though access is already disabled.
2 stage. Disable Assistant
The purpose of the remote assistant is that it opens the ability to view the desktop. In other words, other users can see all the actions that are performed on the screen (opening / closing files and folders, launching programs, setting parameters, etc.). But such an observation is passive in nature, they cannot perform any manipulations.
To disable this assistant, uncheck the box next to the item that allows you to use the remote assistant. This is done in the same window where sharing was turned off. At the end, click “Apply.”
3 stage. Disabling Services
The first two stages limited access to operations and viewing the desktop by other users. But the risk of changing the settings for other users on the computer still exists.
For greater PC security, you must disable some services on the system.
You can find these services in the “Management” tab, and then go to “Services”. The first thing to do is turn off Remote Desktop Services. Running services must first be stopped and only then disabled. At the end, click “Apply.”
Some services may not be on this list because Windows components are not installed. Among them: “Telnet Service”, “Windows Remote Management Service (WS-Management)”, “NetBIOS”, “Remote Registry”, “Remote Assistance Service”. They need to be disabled in the same way.
All manipulations are performed under the administrator account or when entering the password.
Knowing how to disable remote control of a computer through a network can significantly increase the security of working on the Internet. These simple manipulations will make it possible to avoid various troubles during network intrusions. But disabling remote access does not protect against viruses that enter the computer via the Internet. Therefore, you need to be careful when visiting dubious resources on the network.
Deny remote access
As mentioned above, we will only change system settings that allow third-party users to view the contents of the disks, change the settings and perform other actions on our PC. Keep in mind that if you use remote desktops or the machine is part of a local network with shared access to devices and software, then the following steps may interfere with the operation of the entire system. The same applies to situations when you need to connect to remote computers or servers.
Disabling remote access is performed in several steps or steps.
- General prohibition of remote control.
- Shutdown assistant.
- Disabling related system services.
Step 1: General Prohibition
With this action, we disable the ability to connect to your desktop using the built-in Windows feature.
- Right-click on the icon “This computer” (or simply “A computer” in Windows 7) and go to the system properties.
Next, go to the remote access settings.
In the window that opens, put the switch in the position that prohibits connection and click “Apply”.
Access is disabled, now third-party users will not be able to perform actions on your computer, but they will be able to view events using the assistant.
Step 2: Disable Assistant
Remote Assistant allows you to passively view the desktop, or rather, all the actions that you perform. Opening files and folders, launching programs and setting parameters. In the same window where we turned off sharing, uncheck the box next to the item that allows connecting the remote assistant and click “Apply”.
Step 3: Disabling Services
At the previous stages, we prohibited performing operations and generally viewing our desktop, but do not rush to relax. Attackers gaining access to a PC may well change these settings. You can further improve security by disabling some system services.
- Access to the appropriate snap-in is done by clicking RMB on the shortcut “This computer” and going to point “Control”.
Next, open the branch indicated in the screenshot, and click on “Services”.
First off Remote Desktop Services. To do this, click on the name of the RMB and go to the properties.
If the service is running, then stop it, and also select the type of startup Disconnected, then click Apply.
All the steps above can be performed only under the administrator account or by entering the appropriate password. That is why in order to prevent making changes to the system parameters from the outside, it is necessary to work only under the “account”, which has the usual rights (not “admin”).
Now you know how to disable remote computer control over the network. The steps in this article will help improve system security and avoid many of the problems associated with network attacks and intrusions. True, you should not rest on our laurels, since no one has canceled files infected with viruses that get to a PC via the Internet. Be vigilant and trouble will pass you by.