VULNERABILITY DIGEST FROM ACTION1

Patch Tuesday and third-party updates | This Wednesday | 12 PM EST / 6 PM CET

Action1 5 Blog 5 How to Detect Remote Control Tools on Your Network

How to Detect Remote Control Tools on Your Network

February 19, 2024

By Peter Barnett

In the evolving landscape of cybersecurity, the significance of maintaining visibility over the tools used within your network cannot be overstated. Remote control software, while essential for productivity and remote support, can also pose potential vulnerabilities if not properly managed. Recent breaches involving widely used remote control and management tools such as AnyDesk, Kaseya, and SolarWinds underscore the urgent need for rigorous oversight and management of these applications. These incidents highlight how even reputable software can become a vector for cyberattacks, emphasizing the importance of continuous monitoring and proactive security measures to safeguard against unauthorized access and potential exploitation.

To address this, Action1 developed a PowerShell script allowing to provide IT administrators with comprehensive insights into the presence of common remote access applications within their networks, such as AnyDesk, TeamViewer, Splashtop, among others.

Run this script using Action1 (as shown below) or use with any endpoint management/RMM system.

Log in to the Action1 Platform or sign up for an account, the first 100 endpoints are free with no feature limitations.
Setup in minutes to reduce your cyber risks and costs:

No credit card. 100 endpoints free. No feature limits.

Leverage this script to monitor for remote control software within your network and detect potentially vulnerable products swiftly:

1. Click to create a new data source or follow these steps:

    • Go to Configuration | Data Sources, click [+New]
    • Enter data source name, such as ‘Remote Control Tools’, [Next]
    • Copy and paste the script above, [Next]
    • Run on a test endpoint*, [Finish]

    *This step WILL run the script on the endpoint, so ensure whatever system is being tested on has a proper backup recovery procedure.

2. Click to create a new report based on the new data source or:

    • Go to Real-time Reports & Alerts | Custom Reports, click +Add
    • Select your new data source (e.g. ‘Remote Control Tools’)
    • Enter report name, such as ‘Remote Control Tools’, [Next].
    • Choose [Simple Report]
    • Click [Add Columns] and add all columns, [Next], [Finish]

Use this report regularly to spot any unauthorized remote control tools on your network. For more insights and updates, keep an eye on our blog and join our upcoming webinars.

See What You Can Do with Action1

 

Join our weekly LIVE demo “Patch Management That Just Works with Action1” to learn more

about Action1 features and use cases for your IT needs.

 

spiceworks logo
getapp logo review
software advice review
trustradius
g2 review
spiceworks logo

Related Posts

What is Vulnerability Management?

Vulnerability management is an ongoing process of identifying, evaluating, prioritizing, and addressing security vulnerabilities in an organization's systems and the software...

read more

What is Patch Management?

Patch management is the process of keeping software up-to-date by installing updates called patches in order to address security vulnerabilities and close them timely, add new...

read more