Setting up VPN server on Window 7

To connect to a VPN on Windows 7, press the Windows key and, type VPN, and press Enter.

Enter the address of your VPN provider in the Internet Address box. You can enter an address like vpn.example.com or a numerical IP address, depending on the server information your VPN provider gave you.

You should also enter a Destination name – this can be anything you like. It's only used to help you remember which VPN connection is which.

Enter your login credentials on the next screen. Use the username and password your VPN provider gave you.

Windows will connect you to the VPN you configured. If you checked the "Don't connect now" checkbox on the first screen, Windows will save the VPN connection so you can easily connect later.

Once connected, you can click the network icon in your system tray to view your VPN connections. While connected to a VPN, all your network traffic will be sent over it.

To disconnect from a VPN, click it and click Disconnect. You can then reconnect to it later by clicking it and selecting Connect. You can have multiple VPNs configured and switch between them in this way.

To delete a saved VPN connection, press the Windows key, type network connections, and press Enter. Right-click a VPN connection and use the Delete option.

Setting up VPN server on Windows 8

Windows has the built-in ability to function as VPN server, although this option is hidden. This trick works on both Windows 7 and Windows 8. The server uses the point-to-point tunneling protocol (PPTP.)

This could be useful for connecting to your home network on the road, playing LAN games with someone, or securing your web browsing on a public Wi-Fi connection – a few of the many reasons you might want to use a VPN.

Limitations

While this is a pretty interesting feature, it may not be the ideal way to allow VPN connections to your local network. It has some limitations:

You will need the ability to forward ports from your router.You have to expose Windows and a port for the PPTP VPN server directly to the Internet, which is not ideal from a security standpoint. You should use a strong password and consider using a port that isn't the default port.This isn't as easy to set up and use as software like LogMeIn Hamachi andTeamViewer. Most people will probably be better off with a more complete software package like those two.

Creating a VPN Server

First, you'll need to open the Network Connections window. The quickest way to open it is to press the Windows key, typencpa.cpl, and press Enter.

Press the Alt key, click the File menu that appears, and select New Incoming Connection.

You can now select the user accounts that can connect remotely. To increase security, you may want to create a new, limited user account rather than allow VPN logins from your primary user account. (Click Add someone to create a new user account.) Ensure the user you allow has a very strong password, as a weak password could be cracked by a dictionary attack.

Select the Through the Internet option to allow VPN connections over the Internet. You can also allow incoming connections over a dial-up modem, if you have the dial-up hardware.

You can then select the networking protocols that should be enabled for incoming connections. For example, if you don't want people connected to the VPN to have access to shared files and printers on your local network, you can uncheck the File and Printer Sharing option.

Click the Allow access button and Windows will set up a VPN server.

If you want to disable the VPN server in the future, you can delete the Incoming Connections item from your Network Connections window.

Router Setup

You will now need to log into your router's setup page and forward port 1723 to the IP address of the computer where you set up the VPN server. For more instructions, readHow to Forward Ports on Your Router.

For maximum security, you may want to create a port forwarding rule that forwards a random "external port" – such as 23243 – to "internal port" 1723 on your computer. This will allow you to connect to the VPN server using port 23243, and will protect you from malicious programs that scan and attempt to automatically connect to VPN servers running on the default port.

You can also consider using a router or firewall to only allow incoming connections from specific IP addresses.

To ensure you can always connect to the VPN server, you may want to set up a dynamic DNS service like DynDNS on your router.

Connecting to Your VPN Server

To connect to the VPN server, you will needyour computer's public IP address (its IP address on the Internet) or its dynamic DNS address, if you set up a dynamic DNS service above.

Use the Connect to a network option in Windows and enter your computer's public IP address. Provide the username and password you created to log in.

Defending against firewall attack

Hackers have thousands of tools at their disposal to take advantage of you including tools such as keystroke loggers. Keystroke loggers record every single keystroke you type on your computer...this includes your private email messages, your bank account password, and your credit card number! If you are connected to the Internet via a high-speed connection (DSL or cable), hackers can turn your computer into a "zombie" to launch attacks against thousands of other users and computers.

This article focuses on Microsoft Windows users since the majority of computer users today use a version of this operating system on their home and/or office computers. And while not as frequent targets of hackers, alternative operating systems such as Mac OS and Linux are also vulnerable to attack.

10 Steps you can take to protect yourself:

Update your computer - Stop using computers with insecure operating systems such as Microsoft Windows 95, Windows 98, and Windows ME. These versions of Microsoft Windows are now so old and outdated, they cannot be considered secure. Every day you use your computer may put you at risk. Upgrade your computer to Windows XP Service Pack 2 (or consider buying a new PC with it already installed). UPDATE 02/01/2007: Microsoft has now released a new operating system - Vista - which is designed to replace Windows XP and is supposed to be more secure.

Update Microsoft Windows - Even with the newest computer, there are updates to be applied. There have been significant security holes discovered in all versions of Windows so it's important to update your computer's operating system as soon as possible. Regardless of the version of Windows you use, visit the Microsoft's Windows Update website (http://windowsupdate.microsoft.com) and install all "critical patches." You should also consider installing the recommended and driver patches. Note: It's always a good idea to backup your important data before installing updates (see Step #9). Keep in mind that even with Windows XP, there may be more than 80 patches that need to be installed...although the process is fairly automated, downloading the patches could take many hours on a dial-up Internet account. You may not be able to install patches for Windows on your work computer (requires administrator priviledges) but you should ask your network administrator about their plans to keep your work computer up-to-date.

Use antivirus software - No one should be without antivirus software on their computer. There are many commercial products that can help protect your computer from various viruses, worms, trojans and other hacker tools. But antivirus software works based on known viruses...the software must be configured to update its database of what to look for...be sure to configure your anti-virus software to update itself at least daily. And plan to run a complete system check of your computer's hard disks at least once per month to make sure nothing slipped in between antivirus software updates.

Antivirus Software

http://free.grisoft.com (AVG Antivirus Free)http://www.symantec.com/nav/nav_9xnt/ (Norton Antivirus)http://www.sophos.com/products/sav/ (Sophos Antivirus)http://www.pandasoftware.com/home/default.asp (Titanium Antivirus)http://www.trendmicro.com/en/home/us/personal.htm (Trend Micro PC-cillin)http://www.mcafee.com (McAfee VirusScan)

Online Antivirus Checkups

http://housecall.trendmicro.com/http://www.pandasoftware.com/products/activescan.htm

Block Spyware - spyware and viruses often go hand-in-hand but can take many forms. Some 'hijack' your web browser and redirects you to their website. Others quietly download and install trojans, keylogger programs, etc. to your computer so hackers can take control of your computer later. Install and run an anti-spyware program such as:http://www.safer-networking.org/en/download/index.html (Spybot Search & Destroy)http://www.webroot.com/consumer/products/spysweeper/ (Spy Sweeper)http://www.lavasoft.com/products/ad-aware_se_personal.php (Ad-aware SE Personal)

Keep your software up-to-date

Microsoft Office: Many computer users use a version of the popular Microsoft Office suite (Outlook, Word, Excel, Powerpoint, or Publisher). Microsoft has released many patches for the Microsoft Office suite including some for "critical" security issues as well as "stability and performance enhancements." Note that you may need your original Microsoft Office installation CD to complete the updates.

http://office.microsoft.com/officeupdate/default.aspx (Microsoft Office)

Adobe Reader: Acrobat PDF files are used extensively on the SDMS website and throughout the Internet. Adobe Reader 8 can be used to view/print these files. You should not be using older versions - a free upgrade is available.

http://www.adobe.com/products/acrobat/readstep2.html (Acrobat Reader)

Flash: Adobe Flash Player is used on many website, including the ARDMS, to provide a more interactive web experience. Serious security issues have been found in older versions of the Flash viewer.

http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash (Adobe Flash Player)

Use a firewall - A firewall simply tries to block hackers from entering or using your computer. If you are using cable or DSL connections to the Internet, a hacker can attempt to break-in to your computer 24x7! Make sure you have a router/firewall properly installed and configured. The most common mistake home users make is buying a router/firewall but never resetting the default password...it's like leaving the keys in the door! You can also use a software-based firewall to protect your computer from hackers. Microsoft's scheduled release of its Service Pack #2 for Windows XP in August will include a simple software-based firewall designed to better protect your computer. Some software-based firewalls include:

http://www.zonealarm.com (ZoneAlarm)http://www.mcafee.com (McAfee Personal Firewall)http://www.symantec.com/sabu/nis/npf/ (Norton Personal Firewall)

Use complex passwords - whether at work or at home, use complex passwords (and never write them down!). Using a password longer than 8 characters can greatly reduce the chance that someone will guess your password. Hackers don't usually sit there and try to guess your password one at a time. They use automated brute force tools that can break a simple password in a few minutes to a few hours. Here's an example of a complex password: 1mSdM5m3MbEr (Hint: I am SDMS member)

You should change your password at least every 3 months and never reuse old passwords...be creative, come up with something new!

Tip: Never use the same (or similar) password at home and work...if one is compromised, then both are compromised...

Tips for Creating Secure Passwords

http://www.microsoft.com/athome/security/privacy/password.mspxhttp://www.us-cert.gov/cas/tips/ST04-002.htmlhttp://www.symantec.com/homecomputing/library/pass_w.html

Use "Personal Biometric Devices" - If you use the Internet for online banking, purchases, etc., remembering all your passwords can be difficult. Personal biometric devices that use fingerprints are great tools to assist you in protecting your computer and easily storing your passwords ($50 to $150).

http://www.apc.com/resource/include/techspec_index.cfm?base_sku=BIOPOD(APC's Personal Biometric USB Pod)http://www.digitalpersona.com/products/personal.html (Digital Persona's U.Are.U Personal)http://www.microsoft.com/hardware/mouseandkeyboard/productdetails.aspx?pid=093 (Microsoft Fingerprint Reader)

Backup your important data often - Diskettes are no longer practical for backup - a CD recordable (CD-R) drive can help quickly backup your important data (700 MB per disc or equivalent to 485 diskettes). DVD recordable drives are also available (~7 times as much as a CD or equivalent to 3200 diskettes!) Other options include external USB hard drives to store all of your "data", documents, photos, music as well as USB "thumb" drives that you can carry on your keychain.

Enlist the support of experts - all this can be scary...hackers and even unexpected problems with security patches could potentially mess up your system rendering it unusable! And it's time consuming...with over 80 patches to Windows XP, the download and installations can take hours. Don't be afraid to enlist the assistance of experts. Check with your local computer or electronics store. There are many companies that specialize in providing home user support such as Geeks on Call:http://www.geeksoncall.com/resserv.htm