Remote Control Tools/Software

Printable View

Show 40 post(s) from this thread on one page

May 6th, 2003, 03:36 AM
phishphreek

nsbuttar:

I'm sorry, but that has got to be the most idiotic advise I've ever heard.

You want something that is "secure" in your remote control software. Something like VNC when being tunneled through SSH or stunnel.
Those are both free and you have WAY more control with those than you would ever with a trojan... short of setting up zombies for a DDoS.

Trojans offer NO security what so ever... if I may quote Homer. "Doh!"

By using a trojan or "RAT" as you like to call it... you will only open up holes for anyone who you have installed it on. You make it so any script kiddie with a trojan scanner (which all have) can cause havoc on the net.

If you are using trojans as your remote control software... you don't know dick about securing a system. Let alone good computing practices. But... you can still learn.

Haven't you read about "hacker ethics"? How about just general human ethics?!

That is kind of like me making 25 copies of your MAC card and handing them out (along with your PIN) to random people at the mall!
What do you think they're going to do with it? Throw it in the trash? Nah... they're going to have a field day!

Oh, I've read your trojan tutorial... and I know you're not an idiot per say. Just the advise that you offered is a little out there. We're trying to keep people safe... not open their systems to the world.
May 6th, 2003, 04:47 AM
nsbuttar

phishphreek80 may b ur r quite right but i was against using the tools which ask for $$$$ ...
May 6th, 2003, 04:52 AM
phishphreek

I hate to quote myself... but

Quote:

You want something that is "secure" in your remote control software. Something like VNC when being tunneled through SSH or stunnel.
Those are both free and you have WAY more control with those than you would ever with a trojan... short of setting up zombies for a DDoS.
May 6th, 2003, 07:42 AM
TheFiend

be careful, most of these remote control tools will let anyone log in without username or password by default, also theres no GUI for PCanywhere for editing what ports it uses, you need to use regedit32.exe. If you need to know where to find it in there reply. Also, these tools usually use the NT authentication for username and password.
May 6th, 2003, 08:54 AM
instronics

Pheeshphreak80 has put it all very nicely (i hope i dont have to quote anything there), and the VNC through tunneling is an excellent idea. Also there is something called TightVNC, which is by default encrypted and can be found here:

Tight VNC

Vnc is an excellent tool when it comes to windows remote administration. Just do not forget to USE STRONG PASSWORDS. And maybe even a username which is NOT easily guessed.

To the trojan subject, sub7, netbus, pcanywhere, etc....... stay away from em at any cost. If you want these trojans for hacking, then your a lil script kiddie with too much time on your hands, if you want them for remote administration, then you need to open a good book on networking and security. Never use these lame tools, neither for hacking/cracking, not for remote administration.

So far this was orientated towards windows, so forgive me if i add a *nix method too.

For any *nix system i would recomend SSH2 and/or Webmin which uses https. (webmin.com)

Everything i have mentioned here is free.

Cheers.
May 6th, 2003, 04:17 PM
slarty

Instronics and others:

As far as I'm aware, TightVNC (or indeed any other vnc) traffic is not encrypted except for the connection password.

The login password for VNC itself is encrypted and fairly secure, however there is no protection against someone with a sniffer seeing all your keypushes. Although you can't easily observe the contents of the session from casual observations of the data, it is not encrypted, so with the right software all the communication can be intercepted.

Of course because of this it's also vulnerable to man-in-the-middle TCP hijacking attacks, whereby the attacker could take over an already established connection (although that would be harder).

True, if you tunnel it through ssh, it's ok. But I wouldn't want to use it in the clear.

IMHO it's still a fine choice for a trusted network. It may not have the highest performance, but it has the lowest impact on the host.
May 6th, 2003, 06:18 PM
DeadCr0w

Just so i dont start another thread for this one...

Somebody knows of any apps the could do the same job as terminal services (i mean having multiple session at once)?
May 6th, 2003, 06:48 PM
phishphreek

DeadCr0w:

I have used a pretty good one called rAdmin .

Quote:

Supports Windows NT security so you can give the right to remotely control, remotely view, telnet and/or transfer files to specific users or user groups. If the user is logged to a WinNT domain, Radmin Viewer uses his or her current username/password to authenticate.

Radmin uses a challenge-response password authentication method, based on 128 bit strong encryption—if Windows NT security support is switched off—to allow access to a remote computer.

128 bit strong encryption is used to encrypt all data streams and and it's optimized with a performance loss of only 5%.

Uses an IP filter so access to Radmin server is restricted to specified IP addresses and subnets.

More Features

Free to try, $35 to buy.
May 7th, 2003, 12:26 AM
Noia

Remote desktop does the job for me :)

- Noia
May 7th, 2003, 12:59 PM
theeon

Wee! My first message!

Remote Admin BackOrifice hmm...

Show 40 post(s) from this thread on one page