When someone says that Teamviewer is just moments away from a databreach they are 100% telling the truth and likely already too late.ĭrop Teamviewer. I have had similar reports from friends who all used Teamviewer and at this point we have all dropped them. I changed my password thinking it was compromised. I came home years ago when I still used Teamviewer and my mouse was just moving. So a simple replay attack will be enough to take control of any machine at any time. This means that as long as you have the key you can remote to the machine if you inject the packets with the key as they are sent off. Not a per session key, a per machine key. The way Teamviewer works is that it has a session key for each machine. Things may have changed but from my understanding it has not. So I dropped Teamviewer years and years ago. There is no good argument FOR Teamviewer. Still, we were able to figure it out and have been happy with it. Security is fairly top of mind for the developer, so expect that to be the case.ĭownside is that documentation on all of the settings isn't the best you'll have to dig around the developer's GitHub and blog to get a sense of what the options are. Local accounts can also be protected by MFA or use FIDO2 for authentication. That makes the entire thing internal only.Īlso, user accounts can be authenticated off of a central directory (in our case, we are using SAML auth to Azure AD). If outside access is a problem, you can configure it to be "LAN only" and rely on your VPN site-to-site tunnel infrastructure to handle the connectivity. Not only is it remote desktop, but it can also act as a remote relay, allowing you to SSH to network switches / routers / firewalls / etc. We also use this for management across our enterprise.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |