Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to detect if my running Windows application is being driven by a remote application?

Posted on 2013-11-18
2
Medium Priority
?
979 Views
Last Modified: 2013-11-24
Hi Experts,

I am looking for a way to detect if my running vb.net Windows Forms application is being driven by software such as Remote Desktop, VNC, Teamviewer etc.

I want to know if any of these applications are controlling my application -

I have code like the following that will let me check if applications such as Teamviewer are running:

Sub Main()
    For Each p As Process In Process.GetProcesses()
      Try
        'Console.WriteLine("{0} {1}", p.Id, Path.GetFileName(p.MainModule.FileName))
        MsgBox(p.Id & " " & Path.GetFileName(p.MainModule.FileName))
      Catch
      End Try

    Next
  End Sub

Open in new window

 
But what I need to know is how to detect if any of these applications are firing keystrokes and mouse movements etc. at my application.

Regards,
Leigh
0
Comment
Question by:LeighWardle
2 Comments
 
LVL 31

Accepted Solution

by:
Frosty555 earned 2000 total points
ID: 39658380
I can't think of any reliable supported way to do this. The whole point of remote-control software is to simulate mouse and keyboard events exactly as if it was a physical mouse and keyboard performing the actions in a way that is transparent to the operating system and/or software running on the system (since that's how you achieve maximum compatibility). It is difficult to detect by design.

The closest I think you can get is to look for evidence that these sort of programs are running through other means - such as what you have done to look for the presence of the TeamViewer process. You can also look for obvious signs that VNC is running, for example checking if ports 5800-5900 are open. Of course that can be easily circumvented by the user by simply configuring their VNC server to listen on another port.

But even if  you do find reliable ways to detect TeamViewer, VNC and RDP, what about all the other remote control applications out there today, or in the future? Applications like LogMeIn, Ammyy, Radmin, GotoAssist, and a dozen other smaller companies make similar products.

What about BMC/IPMI or IP KVMs which simulate keystrokes at the hardware level for the purposes of remote control? What about a virtual machine running on Hyper-V or in VMWare and being controlled remotely via a management console? Or application virtualization products like Citrix XenApp, Microsoft RemoteApp which run an application on a server and then present it to user at a remote location? These products are virtually undetectable.

Do you draw the line at remote-control applications? What about automation tools like AutoHotkey which simulates keystrokes to automate software?  Gamepads with macro record/playback functionality, programs like Joy2Keys, or things like barcode readers, card swipers or keyboard wedges?

There's an endless number of different programs which simulate keystrokes with various levels of transparency to the operating system for the purposes of remote access, or automation. It would be almost impossible to block them all.

I would argue that whatever the reason is you feel your program needs to know if remote control apps are being used... you're probably mistaken. Preventing the use of remote-control software in conjunction with your application is better enforced by specifying it in the terms-of-service for your application, refusing to provide support for scenarios where the application is being used in an improper manner, or by enforcing it through company policy - the solution is social, not technical.
0
 
LVL 1

Author Closing Comment

by:LeighWardle
ID: 39673718
Many thanks, Frosty555, for your detailed exposition on the topic.
Regards,
Leigh
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question