When I use VNC or RDP to remotely control my office computer, as far as I'm aware, someone standing in front of my computer could be seeing everything I'm doing. Furthermore, if I lose my connection then the computer will still be logged in (i.e. not locked) so someone in my office could do whatever they wanted with my login credentials.
Is there a way to remotely access ones machine that doesn't compromise privacy from someone who may be physically in front of the machine?
Yes. Use Xvnc to create a virtual session.
Alternatively, to secure access to the console session, set an idle timeout on the connection and configure the server to lock the session when the last client disconnects. That way, if you do disconnect, it won't be a problem.
Related
Everyday I log into my SSH session of a Google Cloud VM I maintain (Debian).
Since a week ago, I noticed my performance was lagging as I typed into the VM or when doing something else. I mostly login into this VM to check log files of scheduled scripts I have, and even when I use "cat script.log", what used to take less than 2 seconds now takes at least 5 or 7 seconds, loading the log text.
Pinging different websites bring me an reasonable 10 - 15 ms. I'm pretty sure it's not about my local connection either, everything else I do works fine in my local computer.
A warning started to appear now into my session, saying
"Please consider adding the IAP-secured Tunnel User IAM role to start using Cloud IAP for TCP forwarding for better performance. Learn more Dismiss"
I've already configured the IAP secured tunnel to my account, which is the owner account of GCP project.
Another coworker of mine is being able to access the VM without any performance issues whatsoever.
Your issue is in my opinion with the ISP. For some reason the SSH sessions are lagging.
That's why even other computers using your home ISP lag SSH sessions too. If that was firewall rule interfering you wouldn't be able to connect at all.
You may try to reset all the network hardware in your home and if that doesn't help
run tracert command in windows shell and then contact your ISP and pass your findings. It's possible it's something on their end (and if not maybe their's ISP etc).
To solve the problem you need to add "IAP-secured Tunnel User" at the project level in IAM for that user.IAP-secured Tunnel User + See instructions here in a blog I wrote about this. That should solve your problem.
So today I was in my MongoDB and I type in show dbs. Other than my usual dbs there is an additional hacked_by_unistellar. Anyone might know what I can do here? It sounds like I have been hacked unless this is some terrible easter egg I have come across. Please advise. Thank you.
you should close your default mongoDB Port 27017. Got the same problem
I had the same on an old backup server as well.
All I can say is that it is not related to an open, public mongodb port. The mongo server is running on localhost only, but has no access password (under FreeBSD 12).
Obviously, running with a public default port and no password is just what it is, but that's not the answer.
The only ports open on the server is SSH, 80/443 (running Apache 2.4.x) and a node service at port 3xxx, along with Mongo Express (also password protected).
There is also a MySQL server installed with no password, bound to localhost only, but that remained untouched.
It seems more likely that this is a vulnerability somewhere else, that is exploiting a non-protected local connection to mongodb.
Password protecting mongo might protect the database, but does not identify the point of access, which is worrisome.
All of my data is gone!
Well, my only action now is to close any more open connections to my DB instance. My database required a password to access (so, being passwordless was not the issue).
However, I just added a Basic Firewall to bump up the security a bit, at least, now I can assume no remote access can connect directly to my DB instance.
I followed this thread
Jump to Step Seven — Set Up a Basic Firewall part of the post.
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-16-04
Also, you can allow only some IP addresses to your DB instances. By following the instructions at https://www.linode.com/docs/security/firewalls/configure-firewall-with-ufw/#advanced-rules
I use this personally on my main instance where I trust connections would come only from one IP.
Hope this helps someone temporarily till a better fix emerges.
Are your MongoDB password protected? if so, you can access the Database with only an IP address and the port.
If your MongoDB isn`t password protected, please do it asap! your info is exposed to everyone...
Even big companies do this mistake from time to time as well...
I am setting up my AWS DeepLens and all the steps have been successful until I try to connect to my home WiFi. How do I fix this issue?
I created a hotspot on my phone to test against a different network and this connection was successful. Then, I switched back to my home WiFi and it connected successfully.
This section of the troubleshooting guide will also fix the problem.
We found that the AWS DeepLens only has one network adapter which it uses both for its own hotspot and connecting to the network. If you are connected to it via any other means (e.g. via a phone) it will throw a hissy and start dropping the connection, repeatedly and seemingly randomly.
When we connected a monitor directly we then found it was stuck on a viewable password prompt, hence why it was not connecting to our network.
Best method by far (and from our experience, only usable option) is to connect directly to the device so you can see what it is doing. To do this you need USB keyboard and mouse, and a mini-HDMI to HDMI cable to hook up a monitor. This will free up the network card to do only one thing.
When connecting please note that the default admin password on ours was "aws_cam". This does not seem to be noted anywhere in the documentation. This will change when you go through the setup process and sync it with your AWS account.
Repeat the process by inserting a pin in the hole at the back of DeepLens. Wait for a few seconds, the wifi indicator (the middle light) would blink and then you can connect with Deeplens wireless network. Then you can open http://deeplens.config where you can configure your home wifi and complete the setup.
I know (guess) it's some sort of centralized peer-to-peer connection going on there. But then, how it's established? The apps themselves act as clients and servers. They connect to some central server, populate the user's node with data such as IPs MAC addresses and rest. But then what?
Do they establish a direct socket connection between the user computers? If yes, how they avoid the routers?
Do they transfer the data through the central server?
The reason why I ask is that I wanna build a Remote Desktop application that will be able to stream the screen view in real time to the connected client app(s). I know there a tons of them out there, but 99% are slow. I know it's possible to be close to realtime, OnLive does it. The 2 RDCs that work with speeds close to realtime are LogMeIn Pro (which I don't want to pay for, because I need only HD stream fromt the paid package) and Radmin (which is windows-only).
I'm ready to code it (in C/C++/Objective-C), but I just don't know how to design the thing.
Is it not possible to remotely manage XP sp2 PC from another XP sp3 computer using WMI where both of PC are in a work group? I have run wmimgmt.msc right click WMI control the connect to another PC. I have also used WMI Tools which I downloaded. I have Administrative account on the remote computer. I tried everything I found on the net
including:
Remote enabled WMI on the remote computer
It must not be firewall issue as I tried everything including disabling it ( the firewall).
Gave my account all permissions to the root and root\CIMV2 names paces on the remote computer
Created the same administrative account( Same user name and password) on local computer (not remote) as suggested by some people on the net.
and others
But I keep getting error like
Access denied
The RPC server is not available
I set up security event log on the remote computer and I got the clue that the account requesting is not my account . This way I guess that it not possible to manage my PC this way but I should set up my network so that both PC's are in the same domain. But I don't want this to happen now.
Is my guess right? If not what is wrong with me?. I am a newbie in this area.
Sorry everybody. I answer the question my self.
It is possible. The problem I was having was not creating the accounts correctly