Solved

How to detect if my running Windows application is being driven by a remote application?

Posted on 2013-11-18
2
898 Views
Last Modified: 2013-11-24
Hi Experts,

I am looking for a way to detect if my running vb.net Windows Forms application is being driven by software such as Remote Desktop, VNC, Teamviewer etc.

I want to know if any of these applications are controlling my application -

I have code like the following that will let me check if applications such as Teamviewer are running:

Sub Main()
    For Each p As Process In Process.GetProcesses()
      Try
        'Console.WriteLine("{0} {1}", p.Id, Path.GetFileName(p.MainModule.FileName))
        MsgBox(p.Id & " " & Path.GetFileName(p.MainModule.FileName))
      Catch
      End Try

    Next
  End Sub

Open in new window

 
But what I need to know is how to detect if any of these applications are firing keystrokes and mouse movements etc. at my application.

Regards,
Leigh
0
Comment
Question by:LeighWardle
2 Comments
 
LVL 31

Accepted Solution

by:
Frosty555 earned 500 total points
ID: 39658380
I can't think of any reliable supported way to do this. The whole point of remote-control software is to simulate mouse and keyboard events exactly as if it was a physical mouse and keyboard performing the actions in a way that is transparent to the operating system and/or software running on the system (since that's how you achieve maximum compatibility). It is difficult to detect by design.

The closest I think you can get is to look for evidence that these sort of programs are running through other means - such as what you have done to look for the presence of the TeamViewer process. You can also look for obvious signs that VNC is running, for example checking if ports 5800-5900 are open. Of course that can be easily circumvented by the user by simply configuring their VNC server to listen on another port.

But even if  you do find reliable ways to detect TeamViewer, VNC and RDP, what about all the other remote control applications out there today, or in the future? Applications like LogMeIn, Ammyy, Radmin, GotoAssist, and a dozen other smaller companies make similar products.

What about BMC/IPMI or IP KVMs which simulate keystrokes at the hardware level for the purposes of remote control? What about a virtual machine running on Hyper-V or in VMWare and being controlled remotely via a management console? Or application virtualization products like Citrix XenApp, Microsoft RemoteApp which run an application on a server and then present it to user at a remote location? These products are virtually undetectable.

Do you draw the line at remote-control applications? What about automation tools like AutoHotkey which simulates keystrokes to automate software?  Gamepads with macro record/playback functionality, programs like Joy2Keys, or things like barcode readers, card swipers or keyboard wedges?

There's an endless number of different programs which simulate keystrokes with various levels of transparency to the operating system for the purposes of remote access, or automation. It would be almost impossible to block them all.

I would argue that whatever the reason is you feel your program needs to know if remote control apps are being used... you're probably mistaken. Preventing the use of remote-control software in conjunction with your application is better enforced by specifying it in the terms-of-service for your application, refusing to provide support for scenarios where the application is being used in an improper manner, or by enforcing it through company policy - the solution is social, not technical.
0
 
LVL 1

Author Closing Comment

by:LeighWardle
ID: 39673718
Many thanks, Frosty555, for your detailed exposition on the topic.
Regards,
Leigh
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Populating an array of locale_time_info 8 37
Data is not showing from images 15 37
Vb. Net application freezes 9 28
Access to class from any project within a solution. 6 14
Many of us here at EE write code. Many of us write exceptional code; just as many of us write exception-prone code. As we all should know, exceptions are a mechanism for handling errors which are typically out of our control. From database errors, t…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now