Seems kind of quiet here :confused:

Ok, everytime I read a news story about a sys admin who left one too many things running on the web server, I often hear programs like pcAnywhere mentioned. I personally use pcAnywhere, with encryption, logging, blah, blah, etc all that stuff turned on. I don't recall ever reading anything about "big exploit in pcAnywhere gives hacker full control of machine" so why do news sites always play it down as "stupid admin left pcAnywhere in host mode when server was hit with code red". Is it me or does it not make sense? So just a curious question for the Micro$oft Gurus ( :borg: ) about what remote control tools do you recommend.

Myself I've used:

SMS- By microsoft I think, LOL works ok, but a huge memory hog? Why does it use so much RAM in idle, ??? I hate that thing.

pcAnywhere- This one works as advertised, network or modem connection, even printer port if you are really hurting.

Recommend:
Well out of the two that I remember, pcAnywhere wasn't as big of a memory hog, LOL. So I don't recommend anything :p

Well, here at work they use TIvoli endpoint. I haven't seen it from the control side, I just know it is installed on my desktop and some of it's features.

Basically it will let you remotely monitor workstations and stuff like that. You can do a remote desktop and software uploads etc... YOu might want to check it out. ALthough as far as I know it doesn't run in stealth mode, so the user will know it is there.

How about:

1) ControlIT (previously know as RemotelyimPossible)
2) VNC
3) Terminal Services

DAMEWARE is a beautiful program for remote control

Easy to use? Stealth? Memory hog? Bandwidth hog?

I suppose NetBus, BackOrifice, Sub7 is not what you're talking about?

Just a few mainstream tools used. I have yet to try BackOrifice or NetBus although I hear they are pretty well written little programs compared to the MS or Symantec counterparts.

i use sub7 not just 4 hacking but for well ya remote controll

I'm developing some remote control software with Java 1.4 that would let you control an NAT'd device through a publicly accessible server. It uses the idea of Reverse-telnet. I'm still developing the HTTP-based messaging protocol though. I could sure use some help if anyone knows java round here.

well i tell u trojans or RAT as i like to call them ,are the best Remote Control Tools.....BO2K is extremely good at its work...then why to go for paid softwares when u can can get these softwares for free and that too with more features.....just try a Trojan(Rats) Like BO2k... u wont complain

nsbuttar:

I'm sorry, but that has got to be the most idiotic advise I've ever heard.

You want something that is "secure" in your remote control software. Something like VNC when being tunneled through SSH or stunnel.
Those are both free and you have WAY more control with those than you would ever with a trojan... short of setting up zombies for a DDoS.

Trojans offer NO security what so ever... if I may quote Homer. "Doh!"

By using a trojan or "RAT" as you like to call it... you will only open up holes for anyone who you have installed it on. You make it so any script kiddie with a trojan scanner (which all have) can cause havoc on the net.

If you are using trojans as your remote control software... you don't know dick about securing a system. Let alone good computing practices. But... you can still learn.

Haven't you read about "hacker ethics"? How about just general human ethics?!

That is kind of like me making 25 copies of your MAC card and handing them out (along with your PIN) to random people at the mall!
What do you think they're going to do with it? Throw it in the trash? Nah... they're going to have a field day!

Oh, I've read your trojan tutorial... and I know you're not an idiot per say. Just the advise that you offered is a little out there. We're trying to keep people safe... not open their systems to the world.

phishphreek80 may b ur r quite right but i was against using the tools which ask for $$$$ ...

I hate to quote myself... but

You want something that is "secure" in your remote control software. Something like VNC when being tunneled through SSH or stunnel.
Those are both free and you have WAY more control with those than you would ever with a trojan... short of setting up zombies for a DDoS.

be careful, most of these remote control tools will let anyone log in without username or password by default, also theres no GUI for PCanywhere for editing what ports it uses, you need to use regedit32.exe. If you need to know where to find it in there reply. Also, these tools usually use the NT authentication for username and password.

Pheeshphreak80 has put it all very nicely (i hope i dont have to quote anything there), and the VNC through tunneling is an excellent idea. Also there is something called TightVNC, which is by default encrypted and can be found here:

Tight VNC (http://www.tightvnc.com/)

Vnc is an excellent tool when it comes to windows remote administration. Just do not forget to USE STRONG PASSWORDS. And maybe even a username which is NOT easily guessed.

To the trojan subject, sub7, netbus, pcanywhere, etc....... stay away from em at any cost. If you want these trojans for hacking, then your a lil script kiddie with too much time on your hands, if you want them for remote administration, then you need to open a good book on networking and security. Never use these lame tools, neither for hacking/cracking, not for remote administration.

So far this was orientated towards windows, so forgive me if i add a *nix method too.

For any *nix system i would recomend SSH2 and/or Webmin which uses https. (webmin.com)

Everything i have mentioned here is free.

Cheers.

Instronics and others:

As far as I'm aware, TightVNC (or indeed any other vnc) traffic is not encrypted except for the connection password.

The login password for VNC itself is encrypted and fairly secure, however there is no protection against someone with a sniffer seeing all your keypushes. Although you can't easily observe the contents of the session from casual observations of the data, it is not encrypted, so with the right software all the communication can be intercepted.

Of course because of this it's also vulnerable to man-in-the-middle TCP hijacking attacks, whereby the attacker could take over an already established connection (although that would be harder).

True, if you tunnel it through ssh, it's ok. But I wouldn't want to use it in the clear.

IMHO it's still a fine choice for a trusted network. It may not have the highest performance, but it has the lowest impact on the host.

Just so i dont start another thread for this one...

Somebody knows of any apps the could do the same job as terminal services (i mean having multiple session at once)?

DeadCr0w:

I have used a pretty good one called rAdmin (http://www.famatech.com/default.html) .

Supports Windows NT security so you can give the right to remotely control, remotely view, telnet and/or transfer files to specific users or user groups. If the user is logged to a WinNT domain, Radmin Viewer uses his or her current username/password to authenticate.

Radmin uses a challenge-response password authentication method, based on 128 bit strong encryption—if Windows NT security support is switched off—to allow access to a remote computer.

128 bit strong encryption is used to encrypt all data streams and and it's optimized with a performance loss of only 5%.

Uses an IP filter so access to Radmin server is restricted to specified IP addresses and subnets.

More Features (http://www.famatech.com/products/features.html)

Free to try, $35 to buy.

Remote desktop does the job for me :)

- Noia

Remote Admin BackOrifice hmm...

Your question knightmb is relative to tools, but could be extended to general management data (SNMP, Telnet, ....).

That's a huge security problem that networking should resolve better than trusting application layer.

In my opinion security level is high as it rely on low layer. Separate Physical access gives u 100% security but it's not very comfortable especially if you want remote access from the internet.

But what can networking do for u, is to minimize access point to your management interfaces. For instance the use of VLAN (802.1q) will separate data & mgt flows at a layer 2 stand point (There is some known threat at the MAC level but they are easier to mitigate than for L3P, L4P & so on).

The 802.1q VLAN will give a very good level of protection for remote mgt data but what if u wanna remote control from the internet (Data will have to rely on layer 3 in order to be routed)?

The answer is use IPsec with a single access point to your mgt VLAN. IPsec is known to 99,99% security against Man In the Middle attack. Therefore a Threat to your management will come from the mgt VLAN that you own & control.

With such an architecture you have a very good level of security for all ur management interfaces. But you can still enhance it (if ur paranoid like I am) with secured administration tools.

Hope it could help...

I use dameware nt utilities \ remote desktop and Netop remote control \school

These programs rule!

nt utilities if u configure it right on the server install file its hidden and non detectable by virus programs and nearly impossible to delete without the remove file thats created with the server install file!

Netop remote school are cool cuz u can manage\se many machines screens at the same time as in a class room! =)



If u are boored u can try to download "tron" its a backdoor thats fun to play with!
But antivirus find it!

I use PC Anywhere - BUT - change the default ports (5631/5632) to something else.
Haven't had a problem 'yet' (fingers crossed)

On larger networks Tivoli is my preferred choice.

VNC seems to have graphic problems with Win2K - but it still works good, and very little memory.

Gotta look at dameware (thanks)