But anyone who port scans your IP address is likely to get a response back because of it, and hence it can be exploited. Port forwarding - you'd need access to your router which would also need to have the settings available to do this. I can think of a few ways to do it, with pros and cons. It also doesn't let 'empty' passwords through - this is something we've received _alot_ of push back on because a surprising number of users don't have passwords on their machines. Finally - our cloud based access control checks makes sure no one can randomly connect to your device (vs having a port open which anyone on the internet can attempt a connection to).ĮDIT: One more thing I forgot to add: The 'Connect' app running on your computer, with the Fluid protocol has an additional layer of security built in - it will not allow connections to your computer without a user name and password - so even if something fails in the cloud, it will try to protect your computer by trying to make sure it's you (this is the 'Windows Credentials prompt you see). If someone were to scan your network from the outside they won't see any ports open when you have Connect running vs when you manually run a VPN server or create a port forwarding directly where a potential attacker can see which services you're running. The reason being is with Connect you don't have to open up any ports. IMHO it's more secure to run the 'Connect' service than running a port forwarding. This also is true when we fallback to the relay servers (see above) the relay servers can not decrypt the connection data. This means that even our servers can not decrypt the connection data because the encryptionkeys used to encrypt the connection never leave your devices. The connection between your devices is always encrypted using end-to-end encryption (DTLS specifically). We try to avoid this scenario as much as possible because it tends to slow down the connection (adds another hop). Sometimes a direct connection might not be possible (network restrictions / firewalls) and we may need to fall back to a relay server to help complete the connection. This way random users will not be allowed to initiate connections to your computer (unless of course you've explicitly allowed them). Our cloud service also makes sure only users who are allowed to explicitly connect to your device can connect (i.e. We use a technique called 'udp hole punching' to create a direct connection without explicitly opening up any ports on your router. When you want to connect to your computer, your devices will exchange messages using our cloud service to bootstrap a direct connection between them. Our Connect service runs in the cloud and your computer and devices log into the service so that they can 'speak' which each other even when you're outside your home network. I'm assuming you mean how our 'Connect' service works to help you connect from anywhere: ![]() I'm a developer who works on Jump Desktop.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |