Community

Security enhancements

Conrad, Administrator (Posts: 2110)

Jan 11, 2018 4:34:42 pm EST

Hello,

Thank you for your post.

I have some security related remarks/requests of which I am not really sure that they have been asked before (the forum doesn't have a search function).

You can search the forum using the search field on the blue bar above:



Blocking the connection is ok from a security point of view, but I would like to have a message saying something like: "Connection aborted, because host doesn't have the pre-shared secret"..

This is a good point. We'll add a message in one of the subsequent updates.

I wonder if it would be possible to have the RU Server (service) running under a restricted account instead of the System account.

I'm not sure this is possible but I will forward this question to our developers nonetheless.

As far as I can see now it is possible for unknown hosts to join my (public accessible) RU Server.

For now - yes, it is possible. But it cannot lead to any breach or security problems by definition. The Host can only grant access, it cannot "get access".

If you would work with pre-shared secrets for hosts and server, RU Server could block incoming connections that do not have the pre-shared secret.

This won't solve the problem. The problem of unwanted Hosts connecting to RU Server originates from the fact that an admin/tech shares their Host package - e.g. puts it on a website for everyone to download as part of a support service. Any settings that you put in the Host then will be cloned on whichever machine it is run.

Still, we'll give more thought to how we can ensure no unwanted Hosts can connect to the server. A unique PIN or (as you suggested) a shared secret can work but only in some cases. It's  not a 100% solution, unfortunately.

If the host has a pre-shared configured and the viewer doesn't, the viewer still can access the host. While this might be useful in some cases, I would like to have the option in the host settings to deny the connection when a viewer doesn't have the pre-shared secret.

A shared secret is not a means or another tier of authorization. It is a means of confirming the identity of the Host. That is, making sure that the Host wasn't replaced with another Host with the purpose of harvesting your password.

Therefore, if the corresponding connection in the Viewer doesn't have the shared secret field populated the program reasons that the user doesn't care about the identity of the Host and doesn't want to check it.

That said, in the upcoming version 6.9 we are adding 2-step verification (2FA) to the Host (uses Google Authenticator or similar app) . You'll be able to use that in order to strengthen your Host authorization.

Don't hesitate to ask me if you have other questions.

Like Remote Utilities? Write a review

Self-Hosted Server - recover from backup

Conrad, Administrator (Posts: 2110)

Jan 07, 2018 6:56:19 pm EST

You are welcome :)

Like Remote Utilities? Write a review

Self-Hosted Server - recover from backup

Conrad, Administrator (Posts: 2110)

Jan 07, 2018 6:40:34 pm EST

A bit later we'll add a documentation article on server migration.

Like Remote Utilities? Write a review

Self-Hosted Server - recover from backup

Conrad, Administrator (Posts: 2110)

Jan 07, 2018 6:39:43 pm EST

Hello Tyson,

To migrate your address book(s) and sync settings, copy the contents of this folder:
C:\Program Files (x86)\Remote Utilities - Server\data
to the same location in the new installation. You can also copy the Logs and Stat folders if you need the logs.

As for relay, actually there's nothing to migrate there because the relay function is not supposed to save and keep any data. In this role the server simply forwards remote access packets.  

Hope that helps.

Like Remote Utilities? Write a review

Free licence "not valid"

Conrad, Administrator (Posts: 2110)

Jan 05, 2018 6:00:23 am EST

Hello H.C.,

Please, check that you have the latest version of the Viewer installed. Currently, it's 6.8.0.1. You can download the latest version from here https://www.remoteutilities.com/download/

If updating doesn't help, please let me know because the problem could be elsewhere (e.g. a corrupted Viewer config file).

Thanks.

Like Remote Utilities? Write a review

Black Screen (RDP via ID)

Conrad, Administrator (Posts: 2110)

Jan 03, 2018 7:02:33 am EST

Hello Alim,

Then this issue requires personalized help, perhaps even a remote session. We need to see what's with your VM that prevents the screen image from being captured. Let me create a support ticket based on this forum thread. I'll contact you through the ticket soon.

Like Remote Utilities? Write a review

non-LAN time-outs

Conrad, Administrator (Posts: 2110)

Jan 02, 2018 5:00:38 pm EST

Hi Dave,

Thank you for sending the log. Let's communicate via the ticket then.

Like Remote Utilities? Write a review

Black Screen (RDP via ID)

Conrad, Administrator (Posts: 2110)

Jan 02, 2018 10:22:31 am EST

Hello Alim,

Can you successfully access the remote Hosts using Remote Utilities' own Full Control and View mode?

If so, this is rather an RDP/VMWare problem. Remote Utilities' RDP mode just launches the native Microsoft RDP client for you. If Internet-ID connection is used, then RU simply acts as a tunnel - it doesn't get in the way of how RDP works.

Here is some info from the Internet on the subject:

https://kb.vmware.com/s/article/1023109
https://communities.vmware.com/thread/146669v
https://support.microsoft.com/en-us/help/555840

Generally, you need to look for information on why RDP is showing a black screen when connected to a VM.

Hope that helps.

Like Remote Utilities? Write a review

Black Screen (RDP via ID)

Conrad, Administrator (Posts: 2110)

Jan 02, 2018 4:20:13 am EST

Hello Alim,

Thank you for your post.

Although it's the native Microsoft RDP that you use, some solutions listed here may still help https://www.remoteutilities.com/support/docs/full-control-and-view-mode-isnt-working-or-unstable/ . Please, check them out and let us know if they worked for you.

Like Remote Utilities? Write a review

Slow when using ID Connection.

Conrad, Administrator (Posts: 2110)

Jan 01, 2018 6:26:37 am EST

Hello, 무중 신

Thank you for your message.

This troubleshooting article can help https://www.remoteutilities.com/support/docs/slow-remote-connection-speed-performance/  . Note that if you are situated in Eastern Asia our servers may not be fast for you. That's why the best solution would be using either direct connection where possible, or your own RU Server if you need to use the zero-configuration Internet-ID.

Hope that helps.

Like Remote Utilities? Write a review
Page:
This website uses cookies to improve user experience. By using this website you agree to our Terms of Service and Privacy Policy.