[colug-432] TeamViewer

Rick Troth rmt at casita.net
Fri Nov 1 11:25:02 EDT 2013


FYI, TeamViewer may provide an attack vector.

I installed TeamViewer (on OpenSUSE).  This is a popular desktop sharing
tool with broad platform coverage.  One of my team-mates was using it
and we have regular need to do DT sharing with customers.  (There are
other tools/methods we use, but like I said ... TV is popular with some.)

Then I happened to notice an unexpected TCP connection.  It traced back
to TeamViewer (their servers).  Not good!  I found the TV processes
running, killed them, removed the files, and deleted the package.  (Less
emotion might have left more stuff for forensics, but I do have a backup
of some of that.)

A little Googoo gruntwork turns up ... yes ... TV is used by the bad
guys.  I am omitting some details.  Anyone know more about it and care
to share?  In any case, _you have been warned_.

To date, the safest desktop sharing tool in my doctor's bag is VNC.  It
instantiates a virtual desktop to which applications voluntarily
connect.  Yes, you *can* use VNC to hit the physical display/keyboard,
and for all I know that is more popular now.  But traditionally VNC was
virtual by default (and nicely boxed).

-- R; <><



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20131101/dd271473/attachment.html 


More information about the colug-432 mailing list