Preventing Brute Force in PCAnywhere
Results 1 to 4 of 4

Thread: Preventing Brute Force in PCAnywhere

  1. #1
    Junior Member
    Join Date
    May 2003
    Posts
    2

    Preventing Brute Force in PCAnywhere

    Hello Everyone,

    In PCAnywhere you have the option of "Limiting Login Attempts Per Call", but it's pointless because the user can immediately log back in again and attempt to login. The setting "Cancel host after abnormal end of session" doesn't help either because it doesn't count as an abnormal end of a session.

    Does anyone have any ideas or already know how you can prevent PCAnywhere from being brute-force hacked?

    -Noel

  2. #2
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Use its IP restriction feature. That way, at least you can restrict it to just your IP...which should help that tremendously.

    There are also connection counts and times between connections that could be bumped way up to make it very very very time consuming to try to brute force.

    Have never tried to use it but you could maybe consider using certificates...

    Just a few ideas...

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  3. #3
    Junior Member
    Join Date
    May 2003
    Posts
    2
    I wasn't able to find the place where I could confiugre the time between connections. If I could do that, it would be sufficient for my situation. Does it have to be done in the registry or something?

  4. #4
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Hmm...maybe it is just a client side option, that may not have been what i was thinking it was...
    sorry, should have paid closer attention. What I was looking at was:


    remotes -> (select your remote connection) -> settings

    It is at the bottom of that window, but now the more that I think about it, that is probably for your client and its attempts to connect to the remote, not vice versa.

    Just thought of another thing, you can have the screen lock (or logoff) on any disconnect. That way, the person would have to have a real account to log on and get rid of screen lock. I think if you were to do that, have it setup on a non-standard port, and limit connections to IP's, you would remove a very large number of your problems. Unfortunately to me though, it looks like there is no real way to stop brute force, other than to limit connection attempts to 1 per call, but like you said, they can just reconnect...

    I haven't tested it, but you could may be make the authentication for the connection be tied to the users on the box itself (using windows authentication). Then maybe the account will be locked out if too many tries are made (depending on your own audit setup). You might want to give that a shot as well...

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •