Say for instance I have a client with an endpoint that they want to give me unattended access to until we get something like VPN and RDP or whatever up and running. I made a fully customizable host module as well. All of these options are configurable through the policy tool that you can add and remove on the fly.
Plus as you make changes to the config of it, it not only changes the installer from the link on the fly but if people click an old one you deployed it seems to always grab the most up to date config. The quick support runs without needed elevated privileges too but you can authenticate with system credentials if you like. blah / NameOfProjectOrCompany that will download the custom exe. They give you a URL you can customize too. Just a nice touch and looks professional for internal and external use. I can change the logo, text, description, all kinds of stuff. I'm able to fully customize and brand a quick support module. I purchased a basic business license for teamviewer and started playing with it. Didn't seem like a massive breach but it's handy as a one off tool.Īnyway, so we were paying something like $2k a year for logmein for just 25 endpoints for various uses. I asked them what they thought about the possible security issues and the short summary they gave me was pretty much inline with what I found too. We work with a German infosec company (keep in mind teamviewer is also a german company) and they use teamviewer for a bunch of stuff. We do a ton of high security work and often have to work with outside infosec consultants for compliance and stuff.
I only ever used the free version.įast forward to today. I used team viewer for my home network a little and the biggest takeaway was it's UI was a little fucky but Jesus Christ their image quality and speed were lightyears beyond anything. OK all that out of the way, I've been using VPN, RDP, SSH, and logmein for all of my remote needs for the past 20 years+ I stopped using VNC aaaaages ago. I remember reading about it a ton back when it first happened and what I took away was it was either 1) password reuse and/or 2) no mfa or 3) highly unlikely but someone was able to crack their ID / easy auto password mechanism however I believe this is highly unlikely. So first off, I would love an actual cybersecurity postmortem wrapping up what exactly happened. It's still unclear if the teamviewer breaches were a result of reused passwords or not. This is mainly an unpopular opinion due to the supposed "hack" they had back in the day. Either way, I'm positive this is going to get downvoted into oblivion from how much hate tv gets on this subreddit but I'm sharing regardless. I have zero affiliation with any of the companies I mention in this post.
0 kommentar(er)
