Shulou(Shulou.com)06/01 Report--

teamviewer connection process:

After running TeamViewer, the computer connects to the TV server, which assigns the computer a unique ID based on MAC.

When one TeamViewer connects to another, it connects to the server first, and finds the computer to connect to by mapping ID to computer.

1. If either party of the connection is a network environment with a public IP, the P2P connection is initiated from the intranet IP to the public IP party. At this time, the session initiation direction is trust to untrust.

2. If both parties are intranet, TeamViewer data will be transferred through TeamViewer's own server. At this time, the session initiation direction is also trust to untrust.

The security policy of only prohibiting external network to internal network is to prohibit teamviewer. teamviewer can use any of the three ports 80, 443 and 5938 to establish a connection with the transit server. Application filtering needs to be configured to prohibit teamviewer programs in the direction of trust to untrust.

regex TV-RGX ".teamviewer.com"

regex DG-RGX ".dyngate.com"

class-map type regex match-any TV-CLS

match regex DG-RGX

match regex TV-RGX

policy-map type inspect dns TV-PLC

parameters

message-length maximum 512

match domain-name regex class TV-CLS

drop

policy-map global_policy

class inspection_default

inspect dns TV-PLC

service-policy global_policy global

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.