Closed AlvaroNieto closed 2 months ago
Similar problem reported by me in &A https://github.com/rustdesk/rustdesk-server-pro/discussions/307
@21pages follow it up.
We have put a fix to enforce the download security on our server side a moment ago.
We have put a fix to enforce the download security on server side a moment ago.
Thank you for your consideration.
is it advisable to change the key ?
is it advisable to change the key ?
I would advise to build a new client with changed IP and key to verify if it is really downloaded by others.
It is quite similar to this https://docs.tacticalrmm.com/faq/#help-ive-been-hacked-and-there-are-weird-agents-appearing-in-my-tactical-rmm
My fix can not handle this AV case.
My fix can not handle this AV case.
As long as the only "ghost" connections that appear are from the AV samples, we are comfortable with it. We have random passwords and monitor new devices that connect to the server. Should not be an issue.
I left a new custom client created ready to be downloaded (but never executed), I will check tomorrow if new IDs have appeared. If not, I will close the issue.
Thank you!
No unknown IDs!
Everytime I create a new custom client, I see new and unknown devices that download the custom client and executed it in the following seconds. I always remove the custom client after I download it becase of this, but sometimes it still happens.
I have Rustdesk Server Pro version 1.4.0 but has been happening since the launch of the custom client.
Is there any possibility that thirth parties are able to access the custom client files from Rustdesk's backend? That would be kind of an important issue.
My server is not accesible from the internet so my infrastructure should no be the problem.