ScreenConnect on Windows 7 - Security?

[Vicenarian]

Ok; so I decided to create a Windows 7 Home Premium x64 virtual machine in virtualbox and install the ScreenConnect trial;

Now, I tried a remote support session with a client this morning, and everything seemed to work excellent. I don't mind purchasing a Windows 7 license just for this virtual machine, but what I'm wondering is, would this be considered 'secure' enough for supporting clients? The VM won't be used for anything but ScreenConnect (no web browsing, etc.), so I'm guessing no antivirus (other than maybe MSE?) would be necessary. I'm behind an (ISP-provided) router, that has a simple NAT firewall, too. The only open ports in the Windows Firewall are 8040 and 8041 (defaults for SC)

People always say Linux is more secure for servers, etc. but I've read that ScreenConnect hosted on linux has some performance/stability issues, so I'm not sure if I want to go that route, especially since I'm pretty new to Linux in general.


Related thought: One thing I'm liking about using a VM, is that if something goes wrong, I can always revert to a previous snapshot, but I'm not sure how that would affect my screenconnect software/configuration/logs...hmmRel

 

[JakeFromScreenConnect]

Your config sounds good. We love VMs here. All of our internal infrastructure is virtual (except those dang macs).

If you are exposing internal resources (servers, etc) externally, you should probably harden ScreenConnect itself. Two-factor auth with one-time passwords is pretty easy to setup. SSL is fairly easy also, but you'll need a CA-issued cert.

If you're at least aware of security, you're already ahead of many of our customers

 

[Vicenarian]

Thanks for the response Jake.

I'll have to try setting up the 2-factor authen. when I get the chance.

 

[quantumlinq]

Screenconnect

Hello,

I've been using Screenconnect without problems for about 2 mos. I've loved everything about it, but,,,I recently had an issue arise that had me remove it for now.

It is probably due to my not setting it up securely enough. I had installed the remote client onto about 11 computers at different site locations. One day this past week, every computer was stuck in a reboot loop. At first I thought it was a virus/malware, but after seeing the common item being Screenconnect, I removed the hard drives from each client and deleted the screenconnect folder. After doing this, the computers would boot fine again. I then scanned each computer with Webroot and Malwarebytes, and all were showing clean.

Someone could have hacked into my Admin account and caused something to happen, however, I haven't had the chance to turn it back on and start diagnosing. I'm kind of scared to enable it until I get two factor authentication and maybe SSL setup.

The support has been great. Every time I call in, I'm immediately speaking with someone and this last time I spoke with Sean. He told me to definitely let him know if I found something, but I didn't call back because I'm not sure if it was just someone hacking into my account or not.

I'm thinking of doing the VM with screenconnect, two factor, SSL, and running net monitor packet sniffer. Hopefully that will be enough to keep this from happening again as it was an entire two days lost and a host of upset customers.

Again, I love Screenconnect, I'm just a little gunshy about running it again until I have some time to read how to implement more security.

Hope it helps!

Thanks

 

[ComputerRepairTech]

Tell us more about the reboot loop, when was it restarting exactly? Was it getting into windows then instantly rebooting like as if it was a blue screen?

 

[quantumlinq]

reboot

On one of my servers, it was stuck rebooting in safe mode. The listing of windows files would display on screen loading and then it would hang on the last and reboot.

On the workstations, some were rebooting in the same manner (safe mode) and some would just be stuck rebooting normally. I would not receive a BSOD or anything, it would just start loading windows, and then prior to going to the desktop it would reboot. It happened as it was loading and preparing the desktop. Sometimes, I could get all the way to the desktop and then it would reboot. I just assumed it was happening when the files were being called upon.

Thanks