1

I have borowed a laptop from the library, and I am concerned there might be a remote access to check what the user is doing.

An antivirus would not detect that, since many remote access is "legitimate" like AnyDesk, TeamViewer etc. Or it could even be custom made, so lacking a signature to be detected.

Is there some software that scans all types of remote access and the presence of such software ?

Platform: Windows 10.

kevin
  • 11
  • 1
  • Welcome to the community. I think what you're trying to do is illegal... – Sir Muffington Feb 24 '23 at 20:24
  • With what Sir Muffington said, it sounds like you're trying to circumvent your libraries use terms and auditing, and probably could be illegal. If you're trying to see what's running, you can open task manager and look at whats running, open the installed software settings and see whats installed, google search each item and see what it is. But I would caution trying to circumvent any controls they have in place for the system, they likely have some audit logging to protect the appropriate use of the system. – AustereGrim Mar 01 '23 at 19:27
  • For information, you can run a `netstat` to show what ports are open on the computer and potentially show the applications/binaries holding those ports open, then research those applications. – AustereGrim Mar 01 '23 at 19:31

2 Answers2

1

Let's start by assuming the computer is on a LAN, behind a router running NAT, as is the case in most homes and small offices. If that's the case, then any computer on the WAN side of the router would have a difficult time connecting to the computer, being that NAT typically does not forward incoming connections to hosts on a LAN by default. Notwithstanding, you might want to run an NMAP on the computer, from another computer on the LAN, just to be sure that the computer in question doesn't have any ports open for accepting incoming connections.

That leaves the possibility that there is a program on the computer that is making outgoing connections, to some host server on the WAN side of the router, which is then used to remotely access the computer. If your router allows you to view outgoing connections, you might want to take a look at these, and see if there are any outgoing connections from the computer to hosts/ports that you don't recognize.

mti2935
  • 21,098
  • 2
  • 47
  • 66
  • "NAT typically does not forward incoming connections to hosts on a LAN by default." no but upnp will freely. – AustereGrim Mar 01 '23 at 19:20
  • Instead of nmap, running `netstat` would be a better option on the computer since he has access, to show what ports are open and what binaries are holding it open. – AustereGrim Mar 01 '23 at 19:33
0

You could install:

  • Good name paid antivirus, it will block and quarantine most of the bad stuff.
  • If you are paranoid you could install solarwinds Network Bandwidth Analyzer Pack
  • Or visit this
  • If you are really paranoid about malware, get a switch, ban all ports you don't need. Ban all hosts and ips you don't use, and add rules in the switch to let through ips outbound and inbound when you need them.
Marko Ilić
  • 1
  • 2