DrDamnit


Getting through a firewall

I have a question:

When I get a client who wants remote assistance, I always have such a hard time connecting to their computers because there is either a firewall in the router or a firewall in their modem (cable/dsl) or both.

Are there programs out there (or is it possible to write one) that would query their router and modem to find out what make and model it is - or even better, open up the remote assistance ports so I can connect to help them? Most people cannot do this on their own, and don't have the time or patience to be walked through it. The best thing is if they could just click a button, and it would be done.

Can this be done?

Gotomypc.com boasts their software is:

"Firewall Friendly
Because the GoToMyPC software on the remote computer initiates an outgoing connection, the technology works with your existing firewall and does not require special configuration. Nor does it compromise the integrity of your firewall."

What does that mean?
ppfoong


If the firewall/router supports VPN, configure it as a PPTP VPN server. You can then form a VPN to the client's network, and then work with Remote Assistance.


The Gotomypc statement might imply that as long as the client's firewall allows outgoing traffic from Gotomypc software which is installed in the remote computer, the remote computer could be accessed because the connection is formed from inside the client's network, which is not blocked by the firewall, and can also work in a NAT environment.
DrDamnit (ASKER)

Yeah, it might 'imply' that, but it sure sounds like no configuration (NAT / Port Forwarding / Bridging / DMZ) is necessary to run their software and have full access to the computer. How would that be possible?
ASKER CERTIFIED SOLUTION
ppfoong

This solution is only available to members.

>>Are there programs out there (or is it possible to write one) that would query their router and modem to find out what make and model it is - or even better, open up the remote assistance ports so I can connect to help them? Most people cannot do this on their own, and don't have the time or patience to be walked through it. The best thing is if they could just click a button, and it would be done. Can this be done?

What you're asking for is how to hack firewalls from the outside.  Of course there are programs that will scan and try to tell you what kind of device is on the other end.  Nmap is one such program.

However, if it were easy to connect to the outside of a firewall and open up a port for whatever you felt like, whether for good or evil, they wouldn't be very good firewalls, would they?  They wouldn't even be worth being installed - they would only be a hindrance to good people and vulnerable to bad people.

I'm not allowed to go to gotomypc.com from my work (blocked by the nice content filter).  But I would imagine it puts some kind of client on the machine which connects to a server on the outside.  Once that session is established, the server can control the client by sending back specialized packets which tell the client what to do.  I believe the client connects via port 80 outbound, which is why it's open through firewalls.
>sounds like no configuration (NAT / Port Forwarding / Bridging / DMZ) is necessary to run their software and have full access to the computer. How would that be possible?
It uses TCP port 80 which is the same as WWW browsing, and almost all firewalls have that unrestricted by default... client opens a TCP connection on port 80 to the GoToMyPC server and then you connect to the server.

WebEx is another example of this.
http://www.webex.com/services/online-support-svc.html
You might want to look at a service like WebEx or live server, both allow remote desktop sharing after accepting a small piece of software.  If you are looking at someone's PC with their permission they shouldn't mind accepting the software.

Simon.
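
The behaviour the answers above describe (an unsolicited inbound connection is dropped, while an outbound port-80 session and its replies pass) modelled as a toy stateful firewall. This is an added example, not code from the thread or from any product; the default policy, the documentation-range addresses, port 3389 and all names are assumptions for illustration, and NAT address rewriting is not modelled.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # True for the first packet of a new TCP connection

@dataclass
class StatefulFirewall:
    """Toy default policy of a home router (assumed; NAT rewriting is not modelled)."""
    lan_prefix: str = "192.168.1."
    forwards: set = field(default_factory=set)   # inbound ports forwarded by hand
    conntrack: set = field(default_factory=set)  # (inside ip, port, outside ip, port)

    def filter(self, p: Packet) -> str:
        if p.src.startswith(self.lan_prefix):
            # Outbound traffic is allowed by default and the flow is remembered.
            self.conntrack.add((p.src, p.sport, p.dst, p.dport))
            return "ACCEPT"
        flow = (p.dst, p.dport, p.src, p.sport)
        if flow in self.conntrack:
            return "ACCEPT"  # reply on a flow that an inside host opened
        if p.syn and p.dport in self.forwards:
            self.conntrack.add(flow)  # explicit port forward: track the new flow
            return "ACCEPT"
        return "DROP"  # unsolicited inbound traffic

def demo(forwards=()):
    """Run constructed packets through the model and return each verdict."""
    fw = StatefulFirewall(forwards=set(forwards))
    # Constructed addresses: client PC, remote helper, vendor's relay server.
    client, helper, relay = "192.168.1.20", "203.0.113.5", "198.51.100.7"
    return {
        # Helper dials the client's remote-desktop port directly (3389 assumed).
        "helper_direct": fw.filter(Packet(helper, 50000, client, 3389, syn=True)),
        # Client-side agent opens an outbound session to the relay on port 80.
        "agent_outbound": fw.filter(Packet(client, 40000, relay, 80, syn=True)),
        # Relay sends control data back on that same session.
        "relay_reply": fw.filter(Packet(relay, 80, client, 40000)),
        # Relay tries a brand-new connection instead of reusing the session.
        "relay_new_conn": fw.filter(Packet(relay, 80, client, 3389, syn=True)),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:15} {verdict}")
```

Calling `demo(forwards=(3389,))` shows the manual port-forward case, where the direct inbound connection is accepted because someone with access to the router configured it.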