In today’s HelpWire blog, we’ll find out how Windows Remote Assistance differs from Remote Desktop. Plus, we’ll have a look at some aspects of remote connectivity in different Windows versions and find out how to make sure your machine is not the most low-hanging fruit for all the hackers on the web.
Remote Desktop vs. Remote Assistance: In-depth Comparison
In a nutshell, both Remote Assistance and Remote Connection applications are all about connecting to remote machines via RDP protocol. The difference lies in the area of ends and means. More specifically — the user’s control level and the most common usage scenarios.
The core difference between Remote Assistance and Remote Desktop is whether or not you’ll be able to control your machine during the session.
A quick note here: For any of this to work, you need to ensure that remote connections are enabled in both computers’ properties. If you need more detailed instructions on how to do that, just let me know. And here’s the mini version of said instructions: go to the Remote pane of your System Properties and make sure both checkboxes are ticked there.
Remote Assistance is a standard Windows application that allows access to a remote computer over the network to fix whatever problems it may have. The Remote Assistance application is commonly used for tech support purposes. During your sessions, the user remains in control of your system and, in theory, can interfere if something goes wrong. Now, let’s find out how one can make Remote Assistance work.
Steps to request remote assistance:
Step 1: Type msra.exe into the system search box or hit Win+R and enter msra.exe there to run the app and choose “Invite someone you trust to help you.“
Step 2: Choose how to pass the invitation file to the person you want help from. You can send it directly from the app via your default email, or save the .msrcincident file and then pass it using a network-shared folder or cloud storage, or in any other way.
Step 3: Copy the session password from the invoked window and pass it along with the invitation file to your trusted helper.
Step 4: Wait for your invitation to be accepted.
Steps to provide remote assistance:
Step 1: Type msra.exe into the system search box or just hit Win+R and enter msra.exe there to run the app and choose “Help someone who has invited you. “
Step 2: Click “Use an invitation file“ and then select the .msrcincident file you have received.
Step 3: Copy the session password you’ve received with the invitation file and paste it into the invoked window.
Step 4: Press Enter to start the session.
Windows Remote Desktop connection is another app that allows you to access the remote computer and control its resources over the Internet connection. Windows Remote Desktop totally cuts off the user on the client-side, so there’s no way to even observe what’s going on with your PC for the time of the session. That’s why most people use it to access their own PC over a distance, e.g., the work machine from home or vice versa.
Steps to activate a remote desktop connection on a Windows machine:
Note: This app is only available for the Pro version.
Step 1: Type Remote Desktop into the system search box and press Enter.
Step 2: Select Remote Desktop Connection from the search results.
Step 3: Enter the name of the remote machine you want to access and click Connect.
Steps to activate a remote desktop connection on an iOS or Android device:
Step 1: Go to the Microsoft Store, Google Play, and the Mac App Store and search for the Remote Desktop app.
Step 2: Download and install the Remote Desktop app on your device.
Step 3: Enter the name of the remote machine you want to access and tap Connect.
What port do Remote Assistance and Remote Desktop use
So the answer to the Ultimate Question of Life, the Universe, and Everything… Well, in the context of this blog, it’s more like: Which port is used by Remote Assistance and Remote Desktop. And that answer is 3389.
What is port 3389? It’s a TCP port reserved in Windows for the remote desktop connection since Win XP. It’s even referred to as Windows Remote Assistance port sometimes. Sure thing, you can choose to use some other ports. But to change a Remote Assistance port you must have Administrator permissions.
Needless to say that you’ll need Remote Assistance ports opened on all computers engaged in both Remote Desktop and Remote Assistance sessions. Preferably, not the standard one, for that’s where all malicious software aims. And, whenever you set a custom port number, don’t forget to add the new rule on the Actions pane of the Windows Firewall management console.
Talking about ports, let me say a few words about TCP port 135, as you need to keep it open if you want to link up your PC with the machine that’s not in your local network. And here’s where the trouble typically starts.
That can be yet another open door for worms of all sorts. The most common TCP 135 port vulnerability is the Blaster Worm that just rips your system up for unauthorized remote access and the mass-mailing Reatle E@mm. No one wants that on their computer, right? And guess, what type of service typically runs on TCP port 135 too? That’s right, any messenger you’ve got there. Luckily, that’s not something a decent antivirus can’t deal with.
Security Concerns of Remote Connection
Unprotected RDP connections exposed to the Internet lead to serious problems. As you may already know, no standard Windows utility application is a hundred percent hacker-proof. But both Remote Desktop and Remote Assistance have the same security-sensitive aspects that are relatively easy to fix:
- ➔ Unprotected RDP connections: any connection via Remote Desktop Protocol exposed to the Internet leads to serious problems. So make sure to get yourself a reliable VPN and never use the standard Windows remote access utilities without it.
- ➔ Using default ports: standard TCP port 135 and TCP port 3389 ports opened on a machine is the open door for malware, i.a., Blaster Worm, and Reatle E@mm. Always change the default ports used by your remote connection apps.
- ➔ Weak password protection: as none of these two apps have multi-factor authentication, do not include your session password to the same email with the invitation file or copy those files and passwords to unprotected cloud folders.
While all of the above will help avoid some risks, it is still highly advised to get a specifically-purpose third-party app for your remote connections. Please, take care that the software you’re going to get has at least two-factor authentication and a decent level of traffic encryption. And use your VPN with it too. There is no such thing as too many precautionary measures.
That’ll be all for today’s blog. Don’t hesitate to click my links to dig a bit deeper, stay safe, never accept remote connection requests from strangers, and see you all in the next one.