Warning: iconv_mime_decode() [function.iconv-mime-decode]: Malformed string in /home/secureg/public_html/lib/standard.lib.php on line 2251
Disable Remote Computer Access
Disable Remote Computer Access

Disable Remote Computer Access
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Disable Remote Computer Access dw85745 08-10-2006
Posted by dw85745 on August 10, 2006, 7:11 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
PROBLEM:
Limiting File, Registry, and other remote access by Techs or anyone else.

SOME OF THE QUESTIONS I HAVE -- From the Client Perspective -- are:

Question 1:

Beside the following are there any other ways to access a computer remotely:

1) Terminal Services
2) Remote Desktop
3) Remote Access Services (RAS)
4) Net Meeting
5) ???

Question 2:
What are the names of the Dll's, Exe's used to implement each of the above?

Question 3:
What are the Registry entries (HKEY...) that "Enable" each of the above on
the client machine?

Question 4:
What is the best way to disable the above?

Question 5:
Once access has been granted using one of the above methods, what keeps the
Tech (individual) from regaining access to the client at some future date
unknown to the client?


Thanks
David



Posted by Roger Abell [MVP] on August 10, 2006, 9:09 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hey David,

How about you tell use what you think is the answer to each
and we then express our feelings about those answers ?

Oh, and on your #1 I will toss in that 5) is yes, via anything
that has bound to a socket whose port is accessible.

Roger

> PROBLEM:
> Limiting File, Registry, and other remote access by Techs or anyone else.
>
> SOME OF THE QUESTIONS I HAVE -- From the Client Perspective -- are:
>
> Question 1:
>
> Beside the following are there any other ways to access a computer
> remotely:
>
> 1) Terminal Services
> 2) Remote Desktop
> 3) Remote Access Services (RAS)
> 4) Net Meeting
> 5) ???
>
> Question 2:
> What are the names of the Dll's, Exe's used to implement each of the
> above?
>
> Question 3:
> What are the Registry entries (HKEY...) that "Enable" each of the above on
> the client machine?
>
> Question 4:
> What is the best way to disable the above?
>
> Question 5:
> Once access has been granted using one of the above methods, what keeps
> the
> Tech (individual) from regaining access to the client at some future date
> unknown to the client?
>
>
> Thanks
> David
>
>



Posted by =?Utf-8?B?SWFu?= on August 11, 2006, 4:31 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> Limiting File, Registry, and other remote access by Techs or anyone else.

OK then, we just sit back and wait till your computer gives a glitch.

'HEEEELLPP!!' ... Sorry. No can do. ;-)

Seriously, the default XP config doesn't allow remote access UNLESS the
computer is a domain-member (In which case policies can over-ride any
security settings you make anyway) or someone purposefuly turns it on.

To make an XP machine more secure in this respect, I'd disable:

Telnet
Terminal Services
Remote Registry
RRAS if not used
Fast User Switching

Disabling Terminal Services stops Remote Desktop from working. However, if
someone has had a chance to install software, there is also the possibility
of a hidden VNC server existing on the computer. If so this would be visible
as a process in Task Manager. (VNC normally shows a system-tray icon, but
there are ways to hide this)

Bottom-line is that the best protection is a configurable firewall which
will block acccess from the local LAN to all ports commonly used for
remote-control. That way even if the software gets installed/activated it
won't work. The inbuilt firewall is adequate provided you uncheck the
exceptions for remote assistance, but Kerio or ZoneAalarm would be better.



Posted by dw85745 on August 11, 2006, 9:43 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Thanks for response Ian and Roger.

I know a firewall will work to control ingress/egress in most cases.
Unfortunately, firewalls are not 100% effective.

The purpose of my post is three fold.

1) Check a pre-XP machine to see what -- if any -- remote access exists.

2) Examine a specific needed DLL (not mine) to see if it contains any SDK
functions that may be remote related,

3) Climb the learning curve about remote access -- MSDN and web searches
have turned up very little.

-------------------------------

Ian: Thanks for the info.

Now the question is where do I go and what do I "toggle" to turn
them off?

Thanks
David

---------------------------------------------


> > Limiting File, Registry, and other remote access by Techs or anyone
else.
>
> OK then, we just sit back and wait till your computer gives a glitch.
>
> 'HEEEELLPP!!' ... Sorry. No can do. ;-)
>
> Seriously, the default XP config doesn't allow remote access UNLESS the
> computer is a domain-member (In which case policies can over-ride any
> security settings you make anyway) or someone purposefuly turns it on.
>
> To make an XP machine more secure in this respect, I'd disable:
>
> Telnet
> Terminal Services
> Remote Registry
> RRAS if not used
> Fast User Switching
>
> Disabling Terminal Services stops Remote Desktop from working. However,
if
> someone has had a chance to install software, there is also the
possibility
> of a hidden VNC server existing on the computer. If so this would be
visible
> as a process in Task Manager. (VNC normally shows a system-tray icon, but
> there are ways to hide this)
>
> Bottom-line is that the best protection is a configurable firewall which
> will block acccess from the local LAN to all ports commonly used for
> remote-control. That way even if the software gets installed/activated it
> won't work. The inbuilt firewall is adequate provided you uncheck the
> exceptions for remote assistance, but Kerio or ZoneAalarm would be better.
>
>



Similar ThreadsPosted
Remote Access unconnected computer June 23, 2007, 8:52 am
Unable to access officews shared folder with remote access VPN July 5, 2005, 4:39 am
Re: Disable Internet access and USB ports October 26, 2005, 9:35 pm
RE: Disable Internet access and USB ports February 25, 2006, 10:05 am
Remote Computer Management January 9, 2007, 3:27 pm
remote access February 16, 2006, 3:22 am
VPN and/or remote access Plug-Ins September 17, 2005, 10:17 am
unauthorized remote access February 16, 2006, 3:17 am
Remote access to event logs August 12, 2005, 4:09 pm
Remote Access Policy and Dial-in Tab December 5, 2005, 1:00 pm

The site map in XML format XML site map

Contact Us | Privacy Policy