Hi all, if this is out of line feel free to remove.

I had some computer problems and found this guy, Dave's Tech Support (http://www.davestechsupport.com)
I ended up meeting the young fellow to find out I had a bad motherboard.

He has gone through tech school and making a go at making a living doing support.

Looks kind of like the dozer business to me. At first no one knows to contact you or they have someone, then slowly you keep getting customers, and then you start getting behind and wish you could avoid the phone.

Just be careful who you trust and what software you allow to be installed on your machine for "remote assistance". Too many times inexperienced technicians will fix your computer but leave software installed on your machine which makes it vulnerable to attacks.

Hello GA_RR. Kent showed this thread to me and I thought I'd come in here and explain whats different about my remote assistance software from the amateur techs you've had bad experiences with in the past.

My software is called Virtual Dave. It is based upon the open-source VNC (Virtual Network Computing) protocol, commonly used in Linux systems (such as what Kent and I use). VNC is included with most distro's of linux by default. Similarly, Windows XP included with it the RDP protocol, which uses a invitation creator to make a file that you are supposed to send to the "expert." However, this invitation method has two sever flaws:

1. The "broken" computer is set to listen for an incoming request from someone. This exposes the system to potential hacks.

2. The invitation file does not compensate for computers that are behind routers. So port-forwarding has to be configured by hand in order to get the tech's computer to connect to the clients computer. A real pain in the but, from a network admin's perspective.

My use of VNC eliminates these two flaws by doing the following:

1. Uses what's called a "Reverse VNC connection". This is where I set MY computer to to listen for an incoming connection from a clients PC. This way, any port-forwarding that needs to be configured can be done by me on my end. And best of all, no port forwarding needs to be set up on the clients end, nor does their computer ever listen for an incoming connection. A much more secure solution for remote desktop assistance by comparison.

Since VNC is part of Linux, I don't need my own custom software to help Linux users like Kent out. But for Windows users, I've created Virtual Dave. Virtual Dave turns the process of starting a remote session into ONE-CLICK. Remote assistance made truly simple and very secure.

You can read more about this software at http://www.davestechsupport.com/vdave.html

Thanks for looking!

Dave, I understand you wanting to defend your business....and for 90% of people out there yes, the likelihood of running some open source software like VNC causing vulnerability to a system is low. However, trust me when I tell you even installing and then removing VNC or any other remote assistance software does leave a Windows machine at a much greater risk to attacks.

It will basically fall down to a decision as to how important the data on your machine is. For home users who use their machines for surfing and basic applications, I'd say allowing remote assistance is a good alternative for saving money on computer repair; however, if you regularly pay bills, or if your machine is a business one used containing customer information, the cost saving are far from worth the risk you run.

However, trust me when I tell you even installing and then removing VNC or any other remote assistance software does leave a Windows machine at a much greater risk to attacks.

It will basically fall down to a decision as to how important the data on your machine is. For home users who use their machines for surfing and basic applications, I'd say allowing remote assistance is a good alternative for saving money on computer repair; however, if you regularly pay bills, or if your machine is a business one used containing customer information, the cost saving are far from worth the risk you run.

Again, an even more detailed explanation of how my software works is provided in the link I previously posted.

You can capture and examine network traffic in and out of your computer, packet-by-packet, using the program Wireshark. You can find it here:

http://www.wireshark.org/

Using the software, you can watch every single bit of network traffic that takes place over any network interface you have on your computer. The software is available for both Linux and Windows, as well as OS X and many others.

Another useful app is from the command line: netstat.

Click Start>Run> and type "cmd">Press the Enter Key.

Then type netstat. This will show you ports that are currently in use on your computer. If you notice anything odd, I'd be glad to address it for you for free.

Again, an even more detailed explanation of how my software works is provided in the link I previously posted.

You can capture and examine network traffic in and out of your computer, packet-by-packet, using the program Wireshark. You can find it here:

http://www.wireshark.org/

Using the software, you can watch every single bit of network traffic that takes place over any network interface you have on your computer. The software is available for both Linux and Windows, as well as OS X and many others.

Another useful app is from the command line: netstat.

Click Start>Run> and type "cmd">Press the Enter Key.

Then type netstat. This will show you ports that are currently in use on your computer. If you notice anything odd, I'd be glad to address it for you for free.

Thanks for the little lesson on networking. Again, I'm not trying to put down your business or even scare people from using it. However, I'm more than knowledgeable on security practices of basic networking (I am a network admin and recently CISSP certified as well as CCNP, MCSE and a few other entry level certs like Security+, A+ and Net+)

As I said in my above post, software like this is fine for your basic home user to use to save some money. But if you look at any organization's security policy who holds customer information or other sensitive info in their databases you'll see using and remote assistance software is a huge no no.

Totally agree GA_RR - and the same goes for the classic problem with unsecure wirless networks.

I don't know how many times my geek friends have shown me how they can easily logon and use the neighbour's unsecure network. Maybe it's not so bad for home users, but it can be devasting to businesses (just imagine what someone with full access to all your files/internet communication could do).

Totally agree GA_RR

I will have to say that I also agree with GA_RR, but add that I personally wouldn't feel any safer dropping my computer off at a store for nobody knows how long. The amount of bandwidth between an external USB hard drive and a PC is much greater than even your fastest Internet connection. And unlike a remote connection based on VNC, you'd never seem them copy all your personal files off if they were to try to steal anything. In addition, with a remote connection, you never have to get out of your chair and take your computer anywhere.

The alternative if course is to have a tech visit on-site. Which is exactly what you want if you work in a data center (which I do), or if you're a small business owner with a computer filled with trade secrets and financial documents. Though I think it a little sad to see people paying extra for Microsoft's arguably unstable and insecure operating systems. I'm sure Kent would agree with me: It's repulsive to be told that you have to buy 3rd party software in order to give your expensive operating system enough security to be able to take it onto the Internet. Unlike the typical geeks behind the counter wearing little plastic badges, I don't recommend Windows to anyone for anything. Linux is the way to go if you want to sleep at night.


and the same goes for the classic problem with unsecure wirless networks.

I don't know how many times my geek friends have shown me how they can easily logon and use the neighbour's unsecure network. Maybe it's not so bad for home users, but it can be devasting to businesses (just imagine what someone with full access to all your files/internet communication could do).
If you're running an unsecured wireless network, it's your own deliberate choice to do so. When you purchase a new wireless router, the wireless part of it is disabled by default. It is your responsibility to enable encryption after enabling your wireless router. If you don't, you can't blame others for your own negligence.