5
1
So I had port 5938 exposed to the world accidently. No foul. No one seemed to be able to establish a session it according to the teamviewer logs. But netstat show some random (non teamviewer) IP connecting directly to 5938 .
I blocked incoming 80 and 5938 . I am still able to connect to that system. Incoming and Outgoing teamviewer connections still work.
What is the point of having 80 and 5938 open by default for Teamviewer? also, why would I be seeing random IP's with established connections on port 5938 ? does teamviewer use some sort of p2p networking?
Yes I understand if you block outgoing port 80 teamviewer will not be able to establish a connection to the master servers. But my question is why would it need to hold on to incoming ports. – Tom G11 – 2011-11-03T22:35:11.923
That I don't know. I think I remember that there is away to provide a weblink to someone and have them use that link to connect to your teamviewer session. Could this be the reason? – bourne – 2011-11-03T22:42:02.927
I think you're right - that's to allow at-will incoming sessions. – Shinrai – 2011-11-03T22:51:16.203
5And I would just add that Teamviewer is a wonderful product, but if you need to be this paranoid about open ports any remote access product that uses a centralized database to negotiate connections (Teamviewer, LogMeIn, GoToMyPC) is probably not right for you. – Shinrai – 2011-11-03T22:52:32.660
You can set "Don't use incoming ports 80 and 443" under "Advanced" options to prevent this. Weird thing is though on the Teamviewer website they claim port 80 is only used for outgoing connections... – bourne – 2011-11-03T22:55:39.667
Teamviewer is a good product. however, I have had my issues with them. They do not support non-active directory domains. I have had major issues installing their software using their provided VBscript and exported registry files. Besides that, they're great! – bourne – 2011-11-03T22:59:18.227