Sign in with
Sign up | Sign in
Your question

Question about remote desktop security.

Last response: in Windows 7
Share
August 22, 2012 6:23:50 AM


Im trying to have my computer the most secure as possible.

I have a firewall, antivirus, anti-malware, etc.

But I was wondering is it possible to have on your computer even with an anti-virus, a malicious program that allow Remote
Desktop Control access (something like ProRat trojan or teamviewer)? Because I am suspecting that someone I know could had install/changed something on my computer. I know those suspicion might not be founded but in anyway I would like to understand how it work.

1. Is there any malicious application that allow Remote Desktop access that cannot be found by anti-virus? (I know it could be put in the list of exeption on the anti-virus)

2. What can I do to be 100% sure that absolutly no one could access my computer (or just see my screen from their computer).

(Sorry about my english)

Thank you very much, Your help is greatly appreciated!
a b $ Windows 7
August 22, 2012 4:57:31 PM

facts about antivirus: an anti virus is only as good as its definitions, so if it has not been updated.
an anti virus works via comparative analysis. (what is comparative analysis = Item by item comparison of two or more comparable alternatives, processes, products, qualifications, sets of data, systems, etc.)

most products like vnc (which is like teamviewer) will show up in a virus scan, due to the fact that hackers include them with trojans.

if you want to verify what you suspect, some things you could do.
click start type "cmd" (no quotes)
type "netstat -ano
keep that windows open / open task manager > click on the process tab > click view and select colums > check pid (process identifier) and click ok > put the process tab in order by pid > now match up the connections you see in the command prompt by pid and you can see the ip address for remote connection by process. the processes have brief description listed in task manger.


enable logging
click start type "secpol.msc" (without the quotes) Local policies > audit policy > enable audit account logon events. if you notice someone logging on when you are not normally around.

this will require you to lock you pc when away, and you will need to password protect you account. (windows key + L locks the pc)
m
0
l
a b 8 Security
a b $ Windows 7
August 22, 2012 5:11:12 PM

The long and short of it is that yes this is possible. It's unlikely that there'd be any kind of full remote control loaded onto your computer, usually it will be something far more simple where the program will log onto a specific IRC server and sit in a specific channel on that server, and get commands that way.

The only way to be 100% secure against these kinds of things is to not be on the Internet in any capacity. Everything is is just a matter of mitigating the risk as much as possible.
m
0
l
!