Just relax, align your chi and read on

  • Thread starter Thread starter Jim Hubbard
  • Start date Start date
J

Jim Hubbard

Don't freak dude....

1. Yes.

2. No. Only one remote session at a time is allowed.

With Remote Assistance you have to give the remote user permission
through dialog boxes that will pop up on your screen and ask you if you want
to give the person permission to take over your PC. This is the only way
another user can see your screen while you still see your desktop while
using Remote Assistance.

If your machine has been compromised and the hacker wanted to use Remote
Desktop to take over, you would see the welcome screen instead of your
desktop while s/he was connected. If this isn't happening, they are not
taking over your desktop using Remote Desktop while you are using your PC.

3. This feature cannot be turned off for Remote Assistance. Even if a
hacker were to write code to answer these screens himself (which is
possible), I doubt it would be done without you seeing the screens pop up
while it was happening. And you certainly wouldn't miss the hacker moving
your mouse or taking over your desktop.

A hacker is more likely to set software to detect your screen saver
(indicating you are not there) and notify the hacker that your machine is
available - then they would log in using a trusted account (your login or a
login they placed into Remote Desktop with their little app). If this is
the case, you will see a welcome screen instead of your screen saver.

Finally, if a hacker were to want remote control over your PC, VNC is
much smaller....is open source and the server can easily be run without your
knowledge - if the hacker knows what s/he is doing.

In any case, it is doubtful that the hacker would take over with you at
the controls. It would give them away, and prompt a PC cleaning - neither
of which they want.

BO and other trojans can also allow PC takeover with very little to
detect - however, most of these variants are detected and rejected by any
descent anti-virus software.

VNC is not considered a trojan and can get by all anti-virus software
that I am aware of.

Fear VNC.....not Remote Desktop. And make sure you have a password set
for your login that contains at least 7 chars, 1 number and 1 misc character
(like !, @, #, $, etc.). The longer the password the better.

Relax.....it's probably nothing. What evidence do you have of the
requests for remote assistance?



Francis said:
My computer was Hacked and later I discovered that Remote Assistance was
turned on and that invitations had been sent:
1. Is it possible for Hacker to turn on Remote Assistance and send out the invitations?

2. Is it posible for multiple invitations to be sent out so that many
different computers can connect remotely at one time to my computer and view
my desktop?
3. Does there have to be a dialogue box on my desktop to communicate with
the other computer that has Remote access to my computer, or can this
feature be turned off so that I am unaware of the other computers viewing my
desktop?
 
Thank you Jim, Al, and Bill. I am no longer worried about Remote Assistance!

But I am wondering what is VNC?
 
VNC is a remote control tool, with some similarities to Remote Desktop or
Remote Assistance--pretty superficially, though.

If someone has, in fact, been in control of your machine over time, the only
certain way to be sure that they have left no way to get back in, is to
reformat, reinstall, putting up a firewall before connecting to the
Internet, and reapply all service packs and critical security patches.

That's a tough prescription, but the facts are tough, too.

Many, perhaps most, home users find that too tough a route to follow. What
you can do instead, is go over your machine as best you can: Run a good,
current antivirus, and scan all files, and remove anything found. Choose
one of the better online antivirus scanners--pandasoftware, for example, and
scan with their online scanner (last I looked, you actually had to do a
search at their site to find it!) and fix everything it finds. Download and
run both Lavasoft's Ad-Aware, and Spybot Search & Destroy, and remove
everything ad-aware finds, and everything Spybot Search & Destroy flags in
red.

Put up a good third-party firewall which controls both inbound and outbound
traffic.

This will be annoying, because each application wishing to talk outbound
will need your permission to do so, the first time. However, it will, if
you are very careful, and research each such request, keep anything left
behind by the hacker from waking up and communicating outbound.

Depending on the situation, you may be able to justify in your mind doing
less--if, for example, you were infected by a trojan, but are behind a
firewall or nat/router, and the infection was discovered very quickly, you
may feel that the infection was never able to be actively exploited by
anybody.

I can't tell, from your messages, where in the spectrum you fall--there are
lots of issues--what happened to your machine (is there a name attached to
anything you feel the hacker left behind?), your level of technical
knowledge and experience, and the degree of risk you feel about confidential
uses made of your machine--i.e. if a keystroke/password logger was left
behind, what may be revealed, if those logs get mailed out to someone?
 
Great - it sounds like you got good support from your vendor, and are on the
road to a more secure computing future. If you are running Windows XP, be
sure to install Service Pack 2 asap, when it becomes available later this
year.
 
Bill Sanderson said:
Great - it sounds like you got good support from your vendor, and are on the
road to a more secure computing future. If you are running Windows XP, be
sure to install Service Pack 2 asap, when it becomes available later this
year.

But make sure you have someone familiar with SP2 to assist you. SP2 will
lock down everything network and internet related by default. You don't
want to get stranded off the net without a paddle.
 
It is no harder to open the SP2 firewall for Remote Desktop than it is the
SP1 firewall.
I hope everyone is using the SP1 firewall already.
 
Back
Top