How secure is remote-control software?

Topic

New Reply

	LANGALIST PLUS[/size][/font] How secure is remote-control software?[/size]
	By Fred Langa Make sure your remote-control tools guard against man-in-the-middle attacks. Here’s what to look for in remote control, remote access, and remote assistance software.[/size]

---

The full text of this column is posted at WindowsSecrets.com/2011/03/10/05 (paid content, opens in a new window/tab).

Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.[/td]

[/tr][/tbl]

Reply | Quote

Replies

I’ve tried Saluto twice, when it first came out and today, and I’m still, perhaps singularly, totally underwhelmed.

It doesn’t flag stuff that I think it should flag. It flags stuff that I think it shouldn’t flag; and IMO its UI is diabolical.

Maybe I just didn’t “get it”. 5 minutes with Autoruns and Google does the job for me.

And when you uninstall it, it leaves its footprints all over the place.

================================================
Good luck with getting a handle on the MSE disables.

I know two people who’ve had similar problems, both are non-geeks; a 30 year old builder & his girlfriend (Tosh Satellite Pro/Vista), and a 72 year old nun (Tosh Portege/Vista).

Neither were able to say with any certainty when or where their problems started.

But they both remarked that they get often get confused with the software that supports their iPods and iPhones – I guess that’s iTunes. They both said it takes them to downloads that they didn’t know they needed, and they think they may have clicked “download” when they shouldn’t have

In both cases the problems started with a “McAfee” program turning up on their desktops (both messy) that would run of its own accord (via the scheduler I guess) to ask if they want to do a scan.

The builder/girlfriend think they may have clicked yes on the “McAfee” scan. Some time later (days) they got a “Nortons” program asking the same thing, they think they may have clicked yes on this too. At about the same time Avast (which they were using as their AV) started nagging them to upgrade. Then after a few days their machine started running very slow, that’s when they turned up at my door. Avast’s real time functionality had been turned off. I ran a full scans with Avast & Malwarebytes which found nothing, however Trend-Micro’s on-line scan found two items a trojan and … maybe a virus, I forget, which it removed. I killed the “McAfee” & “Nortons” programs, uninstalled Avast, installed MSE and their system was running OK.

A couple of months later the nun had a similar problem, when the McAfee “thing” turned up the nun says she clicked no or cancel, and then called me to ask if I would take a look. The real time protection of MSE was disabled, I know it was definitely on after I installed it a few months previously, because I downloaded something and watched it do the scan. I killed the “McAfee” program manually, I ran a full MSE scan, a Malwarebytes scan and Trend Micro’s on-line scan – they didn’t show up anything. And of course I turned the real time monitoring back on.

It’s interesting that they both, independently, raised the issue of the software they use for their iPods and iPhones – iTunes. The builder/girlfriend & the nun do not know one another. I would guess that the builder/girlfriend spend time at youtube etc, but I doubt the nun has ever watched a video over the ‘net, because she’s on the end of a 64Kbs satellite link.

n2222

Reply | Quote

[INDENT]You wrote:
When you remove Soluto, it undoes all the changes it made. After you install it, you need to leave it installed (and active at startup) to retain the boot improvements.

[/INDENT]True, but, as I was told by the creator of Soluto when I had a problem removing an early version, if you use an uninstaller, such as Revo Uninstaller, the program is uninstalled without removing the benefits.

Sadly, I wonder if the reason for the normal behaviour is that I and many other reviewers thought it clever to mention that it adds to boot times in itself, and suggesting that after it has done its work you could remove it.

If only we’d kept quiet…

Gordon Woolf

Reply | Quote

I am an professional ‘fixer’ and visit many homes of clients with slow startups. I like the idea of Soluto, but I found that it missed things and more disturbingly, it had a habit of disabling the print scroller service in XP, which is just bizarre, especially as it never marks this service as a problem and it is necessary anyway. I hope a less intrusive competitor comes along.

Reply | Quote

I use TeamViewer regularly and find it to be powerful and easy to use. It’s nice to know its also secure. Your preference for RDC is duly noted, but you should have stated up front that you can’t use it if both PCs are running Windows 7 Home Premium, given the prevalence of that edition.

Reply | Quote

How can remote desktop software function if there are NAT routers are either (or both) ends of the connection. The IP addresses for the machines are usually 192.* , but it’s not possible to connect to a remote machine with such an IP address.

If I’m helping less-capable users, I don’t have them trying to bypass their router with their ethernet cable.

Reply | Quote

One item you also failed to mention, is that in “normal” or routine hardening, the terminal service is usuall turned to manual or disabled. This would prevent the RDC from running. So by turning it on, to allow you to use it, it makes the system one more step unsecure. Idealy, we need a freeware, remote control software that is self contained, encrypted, and will run from behind a NAT firewall to another. But I belive the only way, would be a server in the middle. Moving the 2 PCs out from behind the firewall, exposes both to additional risks that are more varied than a man in the middle. This appears to be a catch-22 situation. You are vunerable to a man-in-the-midddle attack, or everything else out in the wild of the internet.

Reply | Quote

RHUB is highly recommended where security solution is requisite. Along with Transmission security that protects data from wire-tapping during the data transmission, it also provides Access security in which your applications are protected from unauthorized access. RHUB’s TurboMeeting system uses both SSL and proprietary encryption to achieve the ultimate security benefits. http://www.rhubcom.com/

Reply | Quote

One item you also failed to mention, is that in “normal” or routine hardening, the terminal service is usuall turned to manual or disabled. This would prevent the RDC from running. So by turning it on, to allow you to use it, it makes the system one more step unsecure. Idealy, we need a freeware, remote control software that is self contained, encrypted, and will run from behind a NAT firewall to another. But I belive the only way, would be a server in the middle. Moving the 2 PCs out from behind the firewall, exposes both to additional risks that are more varied than a man in the middle. This appears to be a catch-22 situation. You are vunerable to a man-in-the-midddle attack, or everything else out in the wild of the internet.

Reply | Quote

Hi,

I’d like to mention that RDC can NOT connect to Vista Home versions! I tried to get up and running until I went to MS Internet FAQs and it says:

Notes

[*]You cannot use Remote Desktop Connection to connect to computers running Windows Vista Starter, Windows Vista Home Basic, Windows Vista Home Basic N, or Windows Vista Home Premium. You can, however, connect from those editions of Windows Vista to computers running other versions of Windows.

[*]You cannot use Remote Desktop Connection to connect to computers running Windows XP Home Edition.

Reply | Quote