What The Data Shows: TeamViewer running on a machine. This is used often when attackers gain access to a machine, running TeamViewer to allow them to access a machine. Description: Looks for the TeamViewer service running on machines. So, these are the configuration if we use Cisco ASA Firewall (i am using OS ver 8. Status: Approved Submitted by ksnihur on 08-01-2019 03:18 PM. Or you could create a GPO that sets the following registry-key: HKEYLOCALMACHINESOFTWAREWow6432NodeTeamViewerVersion6SecurityAcceptIncoming REGDWORD0. So, because TV client must be connected first to the TV server, we can use another aproach, that is blocking every dns request for the *. and/or *. Its impossible to block in traditional firewall. Yes, to make remote connection we need to know the PIN and password, but using Social Engineering technique, untrusted person can gained it.īecause TV client using port 80 for the outbound connection, it is difficult to block using port basis. PC that running TV is potentialy act as a backdoor in the enterprise network. And every party that want to make connection must be connected to the TV server (servers domain is *. and/or *.) usualy using TCP port 80. Everyone who want to access the other TV client need to know the PIN and password of the opposite PC. Similiar like YahooMessenger, TV provide every client with the PIN and password. Even if the PC located behind the firewall. TeamViewer (TV) is application that used to create remote access connection to PC anywhere.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |