6 eSecurity Pitalls
Home
eMarketing
eSecurity
Mobile Comm
Global e-Business
News & Insights
Contact Us

Articles

Security breach at Target part 2
FIDO Alliance Seminar
Security Breach at Target
Myth on Web Service Security
End-to-End Security for Cloud Computing
Optimize Security Services in the Cloud
Data at Rest, Data at Risk
Data Security Best Practices
DOD Common Criteria
Need for Information Security Professionals
Protect Social Security Info
Virtual VPN Gateway
Don't Hack the Ox!
6 eSecurity Pitalls
Data Security at Risk
CCNA Certification
NAC Forum
eSecurity Market
eSecurity Philosophy
PC Security
eSecurity Facts
Encryption Tool
Checking Security
Identity Theft
Home PC Security
eSecurity Training
Security Software
eSecurity & You
Web Security
Browser Security
Spyware & Viruses
448 Bit Encryption
Vital PC Security
Spyware Security
What's PC Security
Optimize eSecurity
Delete Cookies
Basic SB Security
eSecurity 101
Email Security

Remote Control Software The 6 Security-Pitfalls You Should Avoid
by: Kristian Polack
09/12/08

There are numerous ways for an individual to gain access to your confidential information and business data on your computer when you employ remote control software. In spite of the risks it is not necessarily a risky business to invest and implement remote control software. If you make sure that your provider can supply a satisfactory solution to the presented 6 risk areas you will be able to enjoy all the advantages of remote control software without hesitation.

A remote control system consists of two primary agents: the host and the guest. You are the host and you should have completely control over who you invite. The best overall method to avoid unwelcome guests is to make sure that your software has the top of the line encryption and a strong overall focus on the pending security issues.

We have pinned the security pitfalls out in six risk areas and we recommend that you consider all six risk areas when you research your possible purchase of remote control software. The six areas are:

1. Unauthorized access across the wire. Popularly known as "high jacking". We have identified the following key parameters to avoid high jacking:

MAC/IP address check
Closed user group
Authentication
Callback
User controlled access
Authorization

2. Eavesdropping and alteration. Protect the traffic between guest and host modules against eavesdropping and unauthorized alteration of data. Make sure your system has strong features in Encryption (only you and your guest should be able to read the information transmitted). Integrity and message authentication (verify the encrypted data). Key exchange (exchange the right encryption keys for the data transmissions).

3. Security context. It is imperative that the Host components run in proper security contexts on the operating system.

4. Unauthorized change of the Host. Make sure that all maintenance is only accessed through a password and thus prevent unauthorized change of the Host configuration.

5. Adequate range of alerts and security options. An example: The Host must be able to disconnect the Guest user or even restart Windows after reception of a pre-defined number of invalid logon attempts in order to reduce the number of invalid attempts per hour. And you would want a neat range of alert types when someone is trying to access your computer.

6. Adequate event logging. Your system should offer extensive event logging to document a possible attack. All session activity and log on attempts should be logged, preferably in a central database

It is absolutely essential in remote control software that you can ensure that access to data is protected from unauthorized users. Hackers can and will use foot printing, such as port scans, ping sweeps, and NetBIOS enumeration that can be used to glean valuable system-level information to help prepare for more significant attacks. Finally, hackers can attempt to hijack a session, that is, they can try to takeover one end of an already established session.

Your remote control program should contain security features that counteract the methods described to hack into a computer. If you engage with a supplier who is covered in the six risk areas then you're on your way to improve business efficiency, help system administrators and reduce cost of IT and enjoy many more inherent features with remote control software.

Danware A/S develops and sells software products based on its NetOp Remote Control technology (
http://www.netop.com/ ), which allows fast, secure and stable transfer of screen images, sound and data between two or more computers.
 

About The Author

Kristian Polack wrote this how-to.
 

This article was posted on March 1, 2007

 

[Home] [eMarketing] [eSecurity] [Mobile Comm] [Global e-Business] [News & Insights] [Contact Us]

eMarketing