What is Digg?Sponsored by Dragon Age: Origins
See the new YouTube feature trailer for Dragon Age: Origins view!
youtube.com/DragonAge - EA presents BioWare's new dark fantasy epic Dragon Age: Origins. '9/10' from Game Informer.
104 Comments
- IntelliAdmin2, on 10/12/2007, -8/+90We are not harvisting anything. We I can give out the source if you want, but parts of it can't be released because they are paid components for delphi - so you never really know what is in the binary. Either way, the source for RealVNC 4.1.1 has been out for how long? And it had a wide open flaw that allowed anyone to access. Did anyone find it by looking through the source? Nope - we found it by accident when we were writing our own VNC client. So opening the source to it won't prove anything. All I can say is that it is not malicious, and we just provide free tools, and we hate spyware, and adware, and virusware as much as the next guy. So take your tinfoil hat off for two seconds and use a packet sniffer if you still don't trust us.
- gcnaddict, on 10/12/2007, -9/+79How do we know that IntelliAdmin isnt a harvester program? It has all the tools to do it: It gets the user's user name, password, and the computer to contact (if the computer is being remotely accessed over the internet)
I dont trust it unless it goes open source. That way I can have some sort of assurance that I wont lose my server. - toomuchgreentea, on 10/12/2007, -2/+56But it has such nice graphics ... no evil program would have nice graphics like this. ;-)
- MikeCampo, on 10/12/2007, -3/+35I'll just wait a few weeks for the article saying that IntelliAdmin has indeed been harvesting and abusing.
- RandomPrecision, on 10/12/2007, -14/+45So now we can remotely take control of any computer running Windows?
Old news, I say. - JohnnyLickums, on 10/12/2007, -2/+32Wow. this actually worked really well. Just tried it here at our data center, and I needed to remote into a machine over 100 miles way on our LAN - of course nobody is on the other side on the weekend. Was able to get in within a few moments after downloading. Coolness - you get my digg
- CypherXero, on 10/12/2007, -2/+30If you're that worried, just run a packet sniffer while you use the program, and analyze the traffic to see if it's contacting another computer on the web with your information.
- mfearby, on 10/12/2007, -3/+25By the looks of the screenshot, you have to be able to reach the machine using nothing but it's machine name, so here's a free method (that works when on the same network):
Right-click on your own My Computer icon and choose Manage
Right-click on Computer Management (Local) which is the top tree-view item and choose Connect to another computer
Specify the computer then click OK
Now expand Services and Applications then click on Services
Double-click on Terminal Services and change the startup type to Automatic if you want it to start when the computer starts (otherwise, choose Manual)
Then click on the Start button et voilas! You should now be able to RDP into the machine.
This is the method one would use if you're on the same network, usually a corporate one, and this method likely would not work through your ISP (unless you use your IP address or other friendly-name you've got going) and it probably relies on your RPC port being available, which, if you can get this to work through your ISP, then you've probably got bigger problems (like a spyware infestation :-)
There's no substitute for knowing the direct way of doing something, especially when it involves so few steps as above. Doing it the way I've just described might also teach you a thing or two about your PC and how it works, instead of turning your brain off and using the program linked above. - parpdude, on 10/12/2007, -1/+22Why do you need a tool for this? Just open up the registry on the remote machine (yes this can be done remotely) and modify
HKLMSYSTEMCurrentControlSetControlTerminal Server
fDenyTSConnections=0 - M2Ys4U, on 10/12/2007, -3/+20...remotely!
- nbx909, on 10/12/2007, -30/+45
"I dont trust it unless it goes open source. That way I can have some sort of assurance that I wont lose my server."
It's already lost if you're running a windows server. - NoMoreNicksLeft, on 10/12/2007, -0/+15Um, if they're even halfway clever, the program will just store the info for a month, and upload the details in the middle of the night, weeks after you've given up and shut down ethereal.
- gandre, on 10/12/2007, -1/+14Why would they patch up a feature of windows?
- mrivorey, on 10/12/2007, -0/+13"So take your tinfoil hat off for two seconds and use a packet sniffer if you still don't trust us."
You have to admit, it's the spyware/adware/virus/trogan writers that have pushed us into the hat department of the Reynolds Wrap store. So you can't really blame us for being skeptical of a previously unknown program. I love the idea of your program a lot! Being able to administer my parents' computer from 2 states away without having to walk them through turning on the service would be great (if I'm getting the gist of this program right). But I just can't trust a program like this until it's been tested. Even if the packet sniffer turns up nothing, whose to say it won't just save all the info for 2 months and *then* phone home.
I salute you for writing this... and I'm sure it's going to be very useful for yourself, and your friends that trust you. But until someone is able to reverse engineer it or it gets endorsed by some trusted authority, I can't use it.
PS: For all those computers out there without password protected user accounts, is it really this easy to activate remote admin? In the wrong hands could this be a hacking tool? Or does this only work on a LAN, and not the Internet? Even if it's only LAN, it still could be evil in the hands of a war-driver. This just makes me sigh at Microsoft's security. - inactive, on 10/12/2007, -1/+11Umm... you can enable remote desktop on any machine on a LAN through remote registry, which windows has turned on by default.
So unless that was turned off, you can access the registry entry for Remote Desktop, change a 1 to 0, and voila.
people should spend more time checking how to do things through microsoft's knowledge base before making claims that "there's no way in windows to do this", b/c that's total *****.
edit: dammit, papdude beat me.. and gives the value. Props. - skoobisnaxs, on 10/12/2007, -2/+11awesome.. you know how many times I could have used this?
- inactive, on 10/12/2007, -0/+8You show a severe lack of understanding of how to administer a windows PC/network. As a poster said previously, if you have an admin password by definition you are the administrator of that machine and control all it's contents. RDP isn't a "security risk". Think about it.
- drwtsn32, on 10/12/2007, -0/+8You sir, are an idiot. This program can do NOTHING to the remote system unless you provide user credentials that allow admin access on the remote machine. This software does nothing special besides change a registry value on the remote computer, something you can already do with regedit.exe.
- Agret, on 10/12/2007, -0/+8"The default administrator password for windows xp is blank."
And the default setting is to net let people with blank passwords authenticate remotely. What's your point? If someone has physical access to your machine they could pwn it in many more ways than just using a blank password. - SniperSlap, on 10/12/2007, -6/+14Everything is scary about this. Set it on fire!!
- inactive, on 10/12/2007, -4/+11... or just run it over a LAN for testing purposes. I did consider the packet sniffer, though.
- Jugalator, on 10/12/2007, -2/+9In case someone on your LAN would enable Remote Desktop on someone's computer without him/her knowing, all the malicious user would get to when actually trying to log in to the computer on the LAN (note this isn't about Internet as far as I can see) is getting the Windows user login prompt. So the user would need to know the login details anyway, like you always need with remote desktop connections.
Well, unless you use some sort of security exploit of course, but that has to do with any RDP vulnerabilities more than how you can use this application. - innerspirit, on 10/12/2007, -4/+11The default administrator password for windows xp is blank.
- Jugalator, on 10/12/2007, -1/+8Maybe you need to be a Windows admin to use this?
I know at least domain admins can remotely execute/terminate applications and start services on Windows computers on that domain. And even remotely reboot computers. I'm unsure what happens with local admins.
See also at Sysinternals: http://www.sysinternals.com/Utilities/PsTools.html
Maybe this is just a GUI wrapper for configuring the Remote Desktop service remotely on Windows? - samdu, on 10/12/2007, -1/+8"Did anyone find it by looking through the source? Nope - we found it by accident when we were writing our own VNC client."
Er,,, actually, it sounds like YOU found it in no small part due to the open source natuire of RVNC. - MicroBerto, on 10/12/2007, -4/+10I'm not familiar with the technologies (RDC?) this is using, but can similar programs use it for security intrusions? Is this something MS might patch up?
- Tyrel, on 10/12/2007, -0/+5These kind of features in Windows are often used by network administrators.
- inactive, on 10/12/2007, -0/+5How so? It's only going to work on PC's connected to the same network/domain. And it's only going to work if you have an admin account on that machine - which by definition means you already own that PC and it's data.
You guys freaking about a hypothetical "security risk" aren't using your brain. - verucasalt, on 10/12/2007, -1/+6Not a great point. If I have administrator access to a PC, then by definition I control all functions of that PC, which includes turning on remote access. Think about it.
- inactive, on 10/12/2007, -1/+6You like to sniff each other's WHAT?!?!
- shindig111, on 10/12/2007, -4/+9There is a dummies version of remote desktop : http://technopedia.info/tech/2006/05/09/remote-desktop-for-dummies.html
- Sp4nk, on 10/12/2007, -4/+8This looks more to be a future security issue than a useful tool. Turning RDP off obviously warrants a reason why it's NOT turned on, which RDP is by default on all Windows installations.
- Vector713, on 10/12/2007, -1/+5Awesome, I can think of a couple of instances where this would have been nice. Bookmarked for future use.
- deepsub, on 10/12/2007, -0/+4It seems like going through the trouble of downloading this program and using it takes more effort than just enabling remote desktop in the first place.
- qedx, on 01/11/2009, -6/+10isn't this kinda scary
- hobnob, on 10/12/2007, -0/+4/me sighs
+digg because it's a valid post, it *is* a way to enable RDP, and it *is* simple. much simpler than remote registry for the casual user (ie. if you need to do this once, MAYBE twice)
however IntelliAdmin is stupid.. it's a lie that there is no way to do this remotely.. all they've done is whipped together an app that uses the existing windows tools to do it! - gollo, on 10/12/2007, -0/+4@kualla:
True... IF you were interested in the data being transmitted. But in this case we are just worried that it is connecting to a computer OTHER than the intended machine. And since an ip is an ip is an ip it doesn't matter if the data is encrypted or not. - ejdmoo, on 10/12/2007, -0/+4My thoughts exactly. I've done this a gillion times.
- Agret, on 10/12/2007, -0/+3" Turning RDP off obviously warrants a reason why it's NOT turned on, which RDP is by default on all Windows installations."
That's because many users don't have a network and if they do have on they have no wishes of logging in remotely to their other PC. Why should a service that is only used by System Admins for remote administration be turned on by default for all users? To enable it remotely you need a valid Admin account and if you have one of those you can do anything to that PC remotely anyway. Before you whine "linux isn't that insecure!" you can do anything with a root account through ssh unless root login is set to deny or something and then you could just su from a normal user. Meh. - tdaddy11, on 10/12/2007, -0/+3Remotely enable rdp via registry
http://www.windowsdevcenter.com/pub/a/windows/2004/05/04/serverhacks_remote.html - djspike, on 10/12/2007, -0/+3patch? i hope not. i use Remote Desktop atleast 30 times a day for work. And you can opt to not have it turned on.
- stevex0r, on 10/12/2007, -9/+12"so take your tinfoil hat off for two seconds and use a packet sniffer if you still don't trust us."
Spoken like some one that wants to steal my data.
Just kidding, this does look cool and I would try it if I ran windows. - dharm, on 10/12/2007, -0/+3@ intelliadmin2
"There is nothing within windows that will allow you to enable this feature remotely."
i think you guys should correct this statement on your website, because it is false.
you can do the same thing by modifying a value in the registry (using network registry connection) and also you can change the value by connecting to a computer through terminal services. - inactive, on 10/12/2007, -0/+3can't you just use PSExecute from Sysinternals to do a "runas /env /user:{user@domain} net start {remote desktop service}"? Is that what this essentially does?
- oedenfield, on 10/12/2007, -1/+4I don't know if someone already said it, but the Terminal Services key in the registry is a pretty easy edit. If you have admin access to the remote machine, just open regedit and navigate HKEY-LOCAL_MACHINE > SYSTEM >CurrentControlSet > Control > Terminal Server > fDenyTSConnections. Change the value to 0. Sometimes you have to restart (as this program states) but that is done with our friend shutdown.exe
- DrBones, on 10/12/2007, -0/+3My guess is that this is exactly what that app does. This can definitely be a useful tool for less experienced windows admins. Personally i do remote registry all the time (though i dont have to do with a properly configured domain/group policy). To all of those that see it as a security risk, it requires admin access, so there is already a security issue if that password has been leaked. I cant tell you how many laptops we have to give local admin access to and the user disables rdp for whatever reason...
- drakey, on 10/12/2007, -1/+4...IF you have a valid administrative login for that machine. You can already remotely run an arbitrary executable via RPC if you have a login for the machine (see sysinternals' psexec program)--it's a feature built into Windows. So this isn't really an exploit program, but just a shortcut for turning on remote desktop on a machine you already have admin privileges on.
- Dosquatch, on 10/12/2007, -0/+3There's ... what? There's no way to enable Terminal Services remotely with the tools built into Windows? Bull.
Control Panel -> Administrative Tools -> Services
In the MMC window, right-click where it says "Services (Local)" and select "connect to another computer", then enter the remote machine's name (you may need to enter user/pass). Once connected, scroll down the list of services on the right, find "Terminal Services", and start it.
Why write an extra tool for this? - gcnaddict, on 10/12/2007, -0/+2Well I ended up digging this one anyway despite my previous comment simply because the email responses I got from the IntelliAdmin crew were knowledgable and reassuring, so Ill take this app for a shot anyway.
- inactive, on 10/12/2007, -1/+3Every windows admin knows this. You have just proven that IntelliAdmin's claim that "There is nothing within windows that will allow you to enable this feature (terminal services) remotely" to be complete and utter *****.
-
Show 51 - 100 of 106 discussions
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is