Solved

How to detect if my running Windows application is being driven by a remote application?

Posted on 2013-11-18
2
901 Views
Last Modified: 2013-11-24
Hi Experts,

I am looking for a way to detect if my running vb.net Windows Forms application is being driven by software such as Remote Desktop, VNC, Teamviewer etc.

I want to know if any of these applications are controlling my application -

I have code like the following that will let me check if applications such as Teamviewer are running:

Sub Main()
    For Each p As Process In Process.GetProcesses()
      Try
        'Console.WriteLine("{0} {1}", p.Id, Path.GetFileName(p.MainModule.FileName))
        MsgBox(p.Id & " " & Path.GetFileName(p.MainModule.FileName))
      Catch
      End Try

    Next
  End Sub

Open in new window

 
But what I need to know is how to detect if any of these applications are firing keystrokes and mouse movements etc. at my application.

Regards,
Leigh
0
Comment
Question by:LeighWardle
2 Comments
 
LVL 31

Accepted Solution

by:
Frosty555 earned 500 total points
ID: 39658380
I can't think of any reliable supported way to do this. The whole point of remote-control software is to simulate mouse and keyboard events exactly as if it was a physical mouse and keyboard performing the actions in a way that is transparent to the operating system and/or software running on the system (since that's how you achieve maximum compatibility). It is difficult to detect by design.

The closest I think you can get is to look for evidence that these sort of programs are running through other means - such as what you have done to look for the presence of the TeamViewer process. You can also look for obvious signs that VNC is running, for example checking if ports 5800-5900 are open. Of course that can be easily circumvented by the user by simply configuring their VNC server to listen on another port.

But even if  you do find reliable ways to detect TeamViewer, VNC and RDP, what about all the other remote control applications out there today, or in the future? Applications like LogMeIn, Ammyy, Radmin, GotoAssist, and a dozen other smaller companies make similar products.

What about BMC/IPMI or IP KVMs which simulate keystrokes at the hardware level for the purposes of remote control? What about a virtual machine running on Hyper-V or in VMWare and being controlled remotely via a management console? Or application virtualization products like Citrix XenApp, Microsoft RemoteApp which run an application on a server and then present it to user at a remote location? These products are virtually undetectable.

Do you draw the line at remote-control applications? What about automation tools like AutoHotkey which simulates keystrokes to automate software?  Gamepads with macro record/playback functionality, programs like Joy2Keys, or things like barcode readers, card swipers or keyboard wedges?

There's an endless number of different programs which simulate keystrokes with various levels of transparency to the operating system for the purposes of remote access, or automation. It would be almost impossible to block them all.

I would argue that whatever the reason is you feel your program needs to know if remote control apps are being used... you're probably mistaken. Preventing the use of remote-control software in conjunction with your application is better enforced by specifying it in the terms-of-service for your application, refusing to provide support for scenarios where the application is being used in an improper manner, or by enforcing it through company policy - the solution is social, not technical.
0
 
LVL 1

Author Closing Comment

by:LeighWardle
ID: 39673718
Many thanks, Frosty555, for your detailed exposition on the topic.
Regards,
Leigh
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question