Remote desktop software

In computing, the term remote desktop refers to a program that gives the attack remote connection to the target pc aka the victim’’’

Overview

Remote access can also be explained as remote control of a computer by using another device connected via the internet or another network. This is widely used by many computer manufacturers and large businesses help desks for technical troubleshooting of their customer's problems.

Remote desktop software captures the mouse and keyboard inputs from the local computer (client) and sends them to the remote computer (server). ^[1] The remote computer in turn sends the display commands to the local computer. When applications with many graphics including video or 3D models need to be controlled remotely, a remote workstation software that sends the pixels rather than the display commands must be used to provide a smooth, like-local experience.

Remote desktop sharing is accomplished through a common client/server model. The client, or VNC viewer, is installed on a local computer and then connects via a network to a server component, which is installed on the remote computer. In a typical VNC session, all keystrokes and mouse clicks are registered as if the client were actually performing tasks on the end-user machine.^[2]

The target computer in a remote desktop scenario is still able to access all of its core functions. Many of these core functions, including the main clipboard, can be shared between the target computer and remote desktop client.

Uses

A main use of remote desktop software is remote administration and remote implementation. This need arises when software buyers are far away from their software vendor. Most remote access software can be used for "headless computers": instead of each computer having its own monitor, keyboard, and mouse, or using a KVM switch, one computer can have a monitor, keyboard, mouse, and remote control software, and control many headless computers. The duplicate desktop mode is useful for user support and education. Remote control software combined with telephone communication can be nearly as helpful for novice computer-users as if the support staff were actually there.

Since the advent of cloud computing remote desktop software can be housed on USB hardware devices, allowing users to connect the device to any PC connected to their network or the Internet and recreate their desktop via a connection to the cloud. This model avoids one problem with remote desktop software, which requires the local computer to be switched on at the time when the user wishes to access it remotely. (It is possible with a router with C2S VPN support, and Wake on LAN equipment, to establish a virtual private network (VPN) connection with the router over the Internet if not connected to the LAN, switch on a computer connected to the router, then connect to it.)

Remote desktop products are available in three models: hosted service, software, and appliance.

Tech support scammers use Remote Desktop software to connect to their victim's computer and will often Syskey the computer if the victim does not cooperate.

Protocols

Remote desktop protocols include the following:

Apple Remote Desktop Protocol (ARD) – Original protocol for Apple Remote Desktop on macOS machines.
Appliance Link Protocol (ALP) – a Sun Microsystems-specific protocol featuring audio (play and record), remote printing, remote USB, accelerated video
HP Remote Graphics Software (RGS) – a proprietary protocol designed by Hewlett-Packard specifically for high end workstation remoting and collaboration.
Independent Computing Architecture (ICA) – a proprietary protocol designed by Citrix Systems
NX technology (NX) a proprietary protocol designed by NoMachine with open-source derivatives available from other forked projects.
PC-over-IP (PCoIP) – a proprietary protocol used by VMware (licensed from Teradici)^[3]
Remote Desktop Protocol (RDP) – a Windows-specific protocol featuring audio and remote printing
Swiftpro Auriga Protocol (SPAP) – a proprietary protocol developed by Swiftpro to enable ultra fast and ultra secure remote Windows Desktop access.
Remote Frame Buffer Protocol (RFB) – A framebuffer level cross-platform protocol that VNC is based on.
SPICE (Simple Protocol for Independent Computing Environments) – remote-display system built for virtual environments by Qumranet, now Red Hat
Splashtop – a high performance remote desktop protocol developed by Splashtop, fully optimized for hardware (H.264) including Intel / AMD chipsets, NVIDIA / ATI GPU & APU, Qualcomm Snapdragon, and NVIDIA Tegra. By optimizing for different profiles of media codecs, Splashtop can deliver high frame rates with low latency, and also low power consumption.
Xpra – a protocol originally developed for forwarding X11 application seamlessly with audio, video, remote printing, etc. - extended to support Windows and macOS servers
X Window System (X11) – a well-established cross-platform protocol mainly used for displaying local applications; X11 is network-transparent

Malicious variants

A remote access trojan (RAT, sometimes called creepware^[4]) is a type of malware that controls a system through a remote network connection. While desktop sharing and remote administration have many legal uses, "RAT" connotes criminal or malicious activity. A RAT is typically installed without the victim's knowledge, often as payload of a Trojan horse, and will try to hide its operation from the victim and from security software and other anti-virus software.^[5]^[6]^[7]^[8]^[9]^[10]

Notable examples

References

^ "Remote Desktop Software". ITarian.com. Retrieved 1 May 2019.
^ Virtual Network Computing (VNC): Making Remote Desktop Sharing Possible. Businessnewsdaily.com (2013-11-07). Retrieved on 2014-02-27.
^ "VMware Announces Strategic Licensing and Co-development Agreement with Teradici for True Remote PC User Experience Further Bolstering its vClient Initiative". VMware News Releases. VMware. Retrieved 1 June 2013.
^ "Creepware — Who's Watching You?". Symantec Security Response. 10 December 2013.
^ "Remote Server Administration Tools for Windows 7". Microsoft TechNet. Microsoft. 4 June 2009. Retrieved 4 February 2011.,
^ "Danger: Remote Access Trojans". Microsoft TechNet. September 2002. Retrieved 5 February 2011.
^ "Understanding the Windows NT Remote Access Service". Microsoft TechNet. Microsoft. Retrieved 5 February 2011.
^ "Netsh commands for remote access (ras)". Microsoft TechNet. Microsoft. January 21, 2005. Retrieved 5 February 2011.
^ "RAS Registry Modification Allowed Without Administrative Rights". Microsoft TechNet. Microsoft. Retrieved 5 February 2011.
^ "Computer RATS - Protecting Your Self". HowTheyHack. July 2013. Archived from the original on 14 March 2016. Retrieved 17 July 2013.
^ "Code Access Security and bifrost". CodingHorror.com. 20 March 2007. Retrieved 5 February 2011.
^ "BlackShades: Arrests in computer malware probe". BBC News. Retrieved 20 May 2014.
^ "Remarks Prepared for Delivery by Special Agent in Charge Leo Taddeo at Blackshades Press Conference". fbi.gov. Federal Bureau of Investigation. Retrieved 20 May 2014.
^ Denbow, Shawn. "pest control: taming the rats" (PDF). Retrieved 5 March 2014.
^ Aylward, Laura. "Malware analysys - Dark Comet RAT". Contextis. Archived from the original on 26 April 2014. Retrieved 5 March 2014.

[1] "Remote Desktop Software". ITarian.com. Retrieved 1 May 2019.

[2] Virtual Network Computing (VNC): Making Remote Desktop Sharing Possible. Businessnewsdaily.com (2013-11-07). Retrieved on 2014-02-27.

[3] "VMware Announces Strategic Licensing and Co-development Agreement with Teradici for True Remote PC User Experience Further Bolstering its vClient Initiative". VMware News Releases. VMware. Retrieved 1 June 2013.

[4] "Creepware — Who's Watching You?". Symantec Security Response. 10 December 2013.

[5] "Remote Server Administration Tools for Windows 7". Microsoft TechNet. Microsoft. 4 June 2009. Retrieved 4 February 2011.,

[6] "Danger: Remote Access Trojans". Microsoft TechNet. September 2002. Retrieved 5 February 2011.

[7] "Understanding the Windows NT Remote Access Service". Microsoft TechNet. Microsoft. Retrieved 5 February 2011.

[8] "Netsh commands for remote access (ras)". Microsoft TechNet. Microsoft. January 21, 2005. Retrieved 5 February 2011.

[9] "RAS Registry Modification Allowed Without Administrative Rights". Microsoft TechNet. Microsoft. Retrieved 5 February 2011.

[10] "Computer RATS - Protecting Your Self". HowTheyHack. July 2013. Archived from the original on 14 March 2016. Retrieved 17 July 2013.

[11] "Code Access Security and bifrost". CodingHorror.com. 20 March 2007. Retrieved 5 February 2011.

[12] "BlackShades: Arrests in computer malware probe". BBC News. Retrieved 20 May 2014.

[13] "Remarks Prepared for Delivery by Special Agent in Charge Leo Taddeo at Blackshades Press Conference". fbi.gov. Federal Bureau of Investigation. Retrieved 20 May 2014.

[14] Denbow, Shawn. "pest control: taming the rats" (PDF). Retrieved 5 March 2014.

[15] Aylward, Laura. "Malware analysys - Dark Comet RAT". Contextis. Archived from the original on 26 April 2014. Retrieved 5 March 2014.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

v t e Remote administration software
General	Remote desktop software Comparison of remote desktop software
Implementations	Absolute Manage AetherPal AnyDesk Apple Remote Desktop Chrome Remote Desktop Citrix Virtual Apps ConnectWise Control Crossloop IBM BigFix LogMeIn Microsoft System Center Configuration Manager NetSupport Manager pcAnywhere RealVNC Remmina Remote Desktop Services Remote Utilities RescueAssist RustDesk scrcpy Secure Shell Splashtop TeamViewer ThinLinc TightVNC Timbuktu UltraVNC Virtual Network Computing NX technology
Controversial Implementations	Back Orifice Back Orifice 2000 NetBus Sub7