remote control software: Anydesk; comments?

Heedtheadvice

Although a long way into lockdown I am now looking for remote interfacing between computing devices.

Not looking for an app/wesite that fills a specific need (skype, teams, zoom etc.)  but a more general purpose method to do general sharing and remote access.

Last used by me long ago was Letmein and I have always been a little nervous is such fairly open (but controlled) access.

I have been recommended Anydesk having multi/cross platform access. Can anyone comment on it's functionality and security, please?

Neil_Jones

Best known example of this sort of thing is TeamViewer, but there are other alternatives that do the same job - UltraVNC, TightVNC, TigerVNC to name but three.  Some other better known examples are Anydesk and Ammyy, and then you have the likes of Chrome Remote Desktop (runs as an extension in Chrome), GotoMyPC, Remote Utilities...  Of course Windows has its own built in in the form of Remote Desktop,

Note that some of these programs (particular the *VNC ones) require ports to be opened in your router.

grumpycrab

Anydesk works. Free for personal use.

Heedtheadvice

Thanks both for the responses.

A bit disappointed no one commented upon security aspects

grumpycrab

Heedtheadvice said:

A bit disappointed no one commented upon security aspects

Sorry, but I'm not a security expert just a user of Anydesk.  I haven't had any security problems.  It users end-end-encryption but I guess that is standard these days.  And, obviously, your Anydesk account password should be non-simple. And 2FA should be enabled.

Heedtheadvice

Thanks grumpy.

Was just hoping one of the experts in IT could comment but your response is useful tooooo. Ta.

AndyPix

I personally use Teamviewer .. Both the enterprise paid version for work purposes, and the 'free for personal use' version for access to my main machine at home.

Set it for unattended access and use a complex password and it is as secure as can be.

No messing around opening ports as it uses port 5938 which should be allowed by your router by default.

If you have any specific questions regarding security then please ask

Heedtheadvice

Thanks Andy.

Specifics then.

Why is an already open port an advantage over one specifically opened for the purpose?

We consistently suggest for enhanced security to use TFA irrespective of a weak or strong password. So, when you say security of access is done by a password is that not a weak point?

My main concern is I do not want to give a relatively easy route into my PC for remote access just like I would not allow some unknown person entry! When I used remote access several years ago for work there was a quite complex setup involving extra hardware as well as what seemed like several factor authorisation and specific things set up at the work end for network access.

Most of what I see these days seem rather simple but maybe I miss something?

debitcardmayhem

The port 5938 is not open per se, the two teamviewer end points connect out to the teamviewer "server" when they start . If the two machines are yours then you can set them as unattended with a strong password as andy said, if it is for a third party eg a family member then you will need to contact them for the password/give them yours depending which way round IYSWIM. I stopped using teamviewer when they arbitarily decided I was a business , totally untrue as I only use it for my many machines using very many architectures/devices, but couldn't get them to reply to me. So now I use VNC/RDP which is more secure since my router now has its own VPN server.

AndyPix

Heedtheadvice said:

Thanks Andy.

Specifics then.

Why is an already open port an advantage over one specifically opened for the purpose?

We consistently suggest for enhanced security to use TFA irrespective of a weak or strong password. So, when you say security of access is done by a password is that not a weak point?

My main concern is I do not want to give a relatively easy route into my PC for remote access just like I would not allow some unknown person entry! When I used remote access several years ago for work there was a quite complex setup involving extra hardware as well as what seemed like several factor authorisation and specific things set up at the work end for network access.

Most of what I see these days seem rather simple but maybe I miss something?

Well, having any ports open that are not normally open could attract attention from miscreants scanning the web for 'targets' .

If a port has been opened that is not normally open then it kind of suggests that something interesting may be on the other side and be a possible vector for attack.

The way TV works is that it itsself will initiate a connection to the TV server when it is running - as the connection is outbound, you dont need any firewall rules in the first place.

2fa is an option , of course, but in this case, i personally dont bother.

I really cant see anybody being that desperate to crack my system that they would go through the horrific task or trying to brute force a complex password in TV

It would be an absolute horror of a job, and if someone really wanted in to my systems that bad there are far far better ways to achieve this..

IMO, TV really is the best tool for this job . You are not giving easy access to your machine to anyone except you.

What you were likely using at work was Citrix with an RSA token for the 2fa.

A work environment is a bit different, as somebody could have a strong financial insentive to make a big (long) job out of trying to crack in, and this would be targeted.

I know the community well, and trust me when i say that no one is going to be remotely interested (see what i did there ) in trying to crack the personal TV session of a random stranger ..

Heedtheadvice

Thanks both for the further info.