Is Teamviewer a security risk

[Odyssey1942]

I have recently learned about TeamViewer, which allows you to remotely connect to another TeamViewed enabled computer, either to retrieve files or operate the "home" computer. Possibly a very convenient thing on occasion.

I do not understand very much about open ports, "listening", and "calling out", but I am surmising that if one calls one's home computer from a distant computer using TeamViewer (perhaps any remote conncection) that the home computer must be listening, and therefore must have an open port.

If I understand it, Ubuntu doesn't normally open ports to "listen" for incoming connections, so if this is what TV is doing, does this represent a significant security risk? And if so can it be mitigated?

[uRock]

Hello,

I have moved your thread to the Security Discussions sub-forum, where it may get the best results.

You can use the netstat command to see what ports are currently listening.

Have you forwarded ports through your router? If not, then it is likely the system can't be seen from the outside world. If you have, then you may want to place rules in your firewall allowing only the IP addresses you know you will be connecting from to be able to connect to your system and denying all others. This link may be helpful in configuring your system's firewall, https://help.ubuntu.com/community/UFW

[papibe]

Hi Odyssey1942.

Setting up remote access to a machine is not a security risk, as say running IE on XP.

However, it opens a security concern. Having said that, a lot of people, including me, allow home remote access through ssh.

The most common ways someone could gain access to your machine are:

• your phone/laptop gets stolen with the remote access password saved for convenience, or
• a brute force attack.

The second case it is very unlikely to happen on a home Internet connection (VPS are usually attacked though). There are common practices to dealing with that situation. Take a look at fail2ban, and iptables.

Hope that helps. Let us know how it goes.
Regards.

[CharlesA]

What papibe said. If you do set up TeamViewer for 24/7 access, be sure to use a super strong password. Any form of remote access can be attacked, but if you have a strong password, it should be "OK"

The better thing to do is not launch teamviewer unless you need it.

[mekon2]

Any recommended alternatives to Teamviewer? I want to access my Ubuntu desktop at home from work.

[IvoGuerreiro]

Teamviewer for me it work perfectly, but if you want something different give a look at Remmina.
http://remmina.sourceforge.net/

[SeijiSensei]

I gave TeamViewer a run the other day as I was curious about connecting to a desktop machine from my Android. Other than trying to navigate a full desktop on a 4" screen, it worked well.

It doesn't look to me like it opens any ports on the target computer at all. Perhaps TeamViewer works like GoToMyPC, where all the communications are mediated via an online server? It also looks to have some pretty heavy encryption as well. From the webpage: "TeamViewer is a highly secure remote maintenance solution. Your connections are established via fully encrypted data channels using 2048-bit RSA key exchange and 256-bit AES session encoding."

[bashiergui]

Other than trying to navigate a full desktop on a 4" screen, it worked well.

LOL sounds perfect

[SeijiSensei]

I was just curious to see how well it works. Personally I'd rather carry my 10" ASUS netbook.

I have also thought about connecting the phone to a television with an HDMI cable and adding a Bluetooth keyboard and mouse. That might make for a lightweight computing option while travelling.

[CharlesA]

I was just curious to see how well it works. Personally I'd rather carry my 10" ASUS netbook.

I use it if I need to do support for my Aunt. It works well and is fairly responsive even over low bandwidth links.

I've used it off my 14" laptop before, but I don't think I could stand using it on a 4" phone.