topic Re: Remote Desktop weakness in Norton 360

Remote Desktop weakness

lordergf — Tue, 08 May 2012 06:07:51 GMT

In automatic mode firewall of Norton 360 allow inside connection without any reaction.With this function in Windows some friends of mine showed me how is easy to control my PC without my knowledge! In any network they just know my IP to take control. I seen this with my own eyes and made my self some tests and Norton is vulnerable.And i disable remote desktop and put password on my accounts. Make something like Kaspersky( see the picture)

Please do something about this!Put rule in firewall to ask user before allow this connection.

Regards,

lordergf.

Re: Remote Desktop weakness

lordergf — Tue, 08 May 2012 06:57:32 GMT

So easy.Fix this please!

Re: Remote Desktop weakness

MehulBhai — Tue, 08 May 2012 13:06:00 GMT

Please let us know what you are saying. Give more details to know your problem.

Re: Remote Desktop weakness

lordergf — Tue, 08 May 2012 15:17:54 GMT

When i used Remote Desktop Connection Norton 360 do not asked me to allow this connection . Norton just create a automatic rule to allow connection from other computer and this is dangerous because everybody may take control over my PC!
.

Remote Desktop just log off you and you lose control. I want even in automatic mode of firewall, Norton keeps me informed if someone try to connect me.

If you do not a password in your account you lose the game.

Re: Remote Desktop weakness

SendOfJive — Tue, 08 May 2012 17:03:09 GMT

Hi lordergf,

I'm not precisely sure that I understand the question. If you do not want remote assistance, you should disable it. If it is enabled, Norton would not block it as it would be something that you have permitted. Am I missing something?

Re: Remote Desktop weakness

lordergf — Tue, 08 May 2012 17:21:49 GMT

Hi.

I have permitted only by myself. Because i wanna control my other computer like thousands people out there. So where is the protection of Norton? In Internet no one is fully anonymous and there lot of ways to learn my ip. And then who stop you to hack my pc? I'll make a video for you!

Re: Remote Desktop weakness

lordergf — Tue, 08 May 2012 18:20:43 GMT

Here is the video: http://youtu.be/F1GHZYErTlc Everyone in my network can tipe in cmd "netstat-n" or "net view" and my ip is visible for them.In this video is my own PC and there is nothing illegal.The point of security products is to protect you еven you a ordinary user in every situation. Or am i wrong?

Re: Remote Desktop weakness

peterweb — Tue, 08 May 2012 18:33:00 GMT

Even if someone on your network has your IP address they still need your password to access your computer.

If you do not have your accounts set up with strong passwords, you should not have remote desktop enabled.

Re: Remote Desktop weakness

hUstle — Tue, 08 May 2012 18:45:11 GMT

I support lordergf, because consumers should receive optimal protection by default. There are people who do not even know how to put password on the accounts will .. they spend money for your products ... think about them!

Re: Remote Desktop weakness

SendOfJive — Tue, 08 May 2012 19:26:56 GMT

hUstle wrote:
I support lordergf, because consumers should receive optimal protection by default. There are people who do not even know how to put password on the accounts will .. they spend money for your products ... think about them!

Norton does provide optimal protection by default - if sharing is not enabled, the Network Trust Level is "Protected." If the user enables sharing, it is assumed that that is what the user intends to do. The user can also specify, in the Norton Network Security Map, which particular devices should be allowed or blocked, if that is what the user wishes. Norton provides protection, but is also must facilitate whatever connections the user instructs the PC to allow. Otherwise, Norton would be blocking everything and users would be tearing their hair out trying to get their networks to work (which is already difficult enough without a firewall behaving like HAL).

Re: Remote Desktop weakness

lordergf — Tue, 08 May 2012 19:40:29 GMT

Sharing is not enabled, the Network Trust Level is "Protected." and Norton do not block this conection. One rule in firewall about Remote Desktop and case is closed. Is that so difficult?

Re: Remote Desktop weakness

dickevans — Tue, 08 May 2012 22:47:33 GMT

lordergf wrote:
Sharing is not enabled, the Network Trust Level is "Protected." and Norton do not block this conection. One rule in firewall about Remote Desktop and case is closed. Is that so difficult?

If a general rule to block remote desktop connections is included, what would have to be done to allow connections? Also, which case is more common - a user who will never need Norton customer support to connect to their computer to help them or users who have home networks and share things, including assistance with other users within the home?

I'm not positive but I have a very strong feeling that the law of unintended consequences will rule here and that block with cause more problems than it will solve.

On an individual level I'm sure that you can write a rule that will provide you with the feature you need.

Re: Remote Desktop weakness

peterweb — Tue, 08 May 2012 23:03:47 GMT

hUstle wrote:
I support lordergf, because consumers should receive optimal protection by default. There are people who do not even know how to put password on the accounts will .. they spend money for your products ... think about them!

If they do not know how to password protect their account, do you really think they know how to use Remote Desktop?

Those that know how to set it up should be able to set up any necessary protection.

Re: Remote Desktop weakness

SendOfJive — Tue, 08 May 2012 23:40:58 GMT

lordergf wrote:
One rule in firewall about Remote Desktop and case is closed. Is that so difficult?

If Remote Desktop is disabled, any incoming RDP traffic will be blocked by Norton automatically - no special rule needed. If Remote Desktop is enabled, the PC will need to have an RDP port open to listen, so I am not sure what a general firewall rule would look like - you can't, by default, allow some but not others, because the firewall can't possibly know what you want to allow or block. Obviously, it would be necessary for the user to create or modify a rule to specify who is and who is not allowed - not a job for the unsophisticated user.. As has been mentioned, the recommended safeguard when allowing incoming RDP traffic, is to use a strong, secure password to prevent unauthorized access.

Re: Remote Desktop weakness

hUstle — Wed, 09 May 2012 13:22:53 GMT

То peterweb

05-08-2012 04:03 PM

This is what I mean. When you do not know what is the Remote Access, Norton wall will warn connecting and everyone will decide, the user will have time to read on the Internet what it is. And when there is no question it will be late!

P.S: I will not write more on this topic, its no sense. I will stop to use Norton, I do not like your policy.

And let all user take own decision. Everyone decided.

Regards !

Re: Remote Desktop weakness

SendOfJive — Wed, 09 May 2012 20:47:01 GMT

Hi hUstle,

If you want the Norton firewall to provide warnings and permit you to make the "allow/deny" decisions, you can certainly do that, at least for outbound traffic, by turning off Automatic Program Control and enabling Advanced Events Monitoring. The firewall will block everything until you decide to allow it. You will be alerted every time a program, such as Remote Assistance, tries to connect out or is "attempting to access the Internet using one or more unrecognized modules" or "attempting to activate a controlled COM object." You will get to do the research and decide if it should be permitted or denied. Smart firewalls were developed to spare users, especially novices who are prone to make exactly the wrong choices, from having to go through all this. If you are serious about wanting to go back to this method, I would encourage you to try running the firewall in AEM mode for awhile.

Re: Remote Desktop weakness

lordergf — Wed, 09 May 2012 22:31:19 GMT

When i talk nobody listen me.

I see only empty words and nothing else. Just one rule in firewall. I am a very serious man and i have experience. Nothing less nothing more!

See this http://community.norton.com/t5/Norton-360/SONAR-4-of-Norton-360-fails-against-Trojan-Ransom-Win32-Xorist/td-p/714972

Cheers.