Remote Control:pcAnywhere

url:www.symantec.com
Client OS: Windows 9x/NT/2000
Target OS: Windows 9x/NT/2000
Description: This is one of the most popular remote control/management tools currently
available. It features a client–server architecture, with the server running on the controlled
host (called the host PC) and the client on the controlling host. However, the same source
code can act as both a server and a client.
If you find pcAnywhere running on a host, you can (if you have the client running on your
machine) attempt to connect to it. There are two passwords involved with this program, one
protecting the administrator (user_admin) account and a second necessary to edit
pcAnywhere’s configuration. This password is used to decrypt the user_admin.cif file in
which the properties are defined.
When connecting, you may be able to guess these passwords. Remote control software,
including pcAnywhere, is frequently used as a convenience-seeking tool and in light of this,
the passwords are often easy to guess. If that is not the case, there is a tool, pcax.exe,
available that can crack both passwords. pcax.exe is run on the host running the
pcAnywhere server.
Use: You can connect to a host running pcAnywhere in multiple ways. One method is to
dial in through a modem. Often hosts with rogue modems also feature listening
pcAnywhere servers. Additionally, connections can be made over networks running
TCP/IP, SPX, NetBIOS, or Banyan VINES (newer versions may add additional protocols).
Connections are made with either the host name or IP address. A direct cable connection
is also possible.
Once you are connected, you should attempt to ascertain the level of control you have
achieved. Within pcAnywhere, it is possible to specify permissions for individual users.
While pcAnywhere is not an entirely secure tool, a few configuration options are available
that can help thwart a hacker.
This tool has a GUI front end through which it can be configured and used as either thehost PC or the controlling PC. Configuration settings are specified by selecting the
appropriate button on the tool bar along the top of the GUI. By clicking on the Remote
Control button,