How exactly does a remote program like Team Viewer work?
If you make use of Windows RDP or Remmina, you normally use the IP (public) or attached hostname of the server to log on. I was wondering how a remote program like Team Viewer works? And also, how does the program know how to route that traffic over the internet?
Solution 1:
TeamViewer, LogMeIn and any other program that allows a zero config
remote desktop session uses a third-party server.
For example, LogMeIn is a program similar to TeamViewer where you are able to remotely login to a computer outside of the network that you're currently on. You will notice that there are no external configurations required for this type of remote session. This is due to the fact that the software that you installed on the remote machine (the LogMeIn client) initiates an outgoing request to the LogMeIn servers. Since this client initiated the request, no port forwarding on the Firewall is required.
On your computer, outside of the network of the LogMeIn computer, can access this computer remotely through LogMeIn's website. This website accepts the initiated request from the remote computer and keeps the connection alive to listen for a remote session request.
When you run TeamViewer, you are assigned an ID on their broker server. You make a connection to a Teamviewer ID, and TeamViewer passes the connection down through the TeamViewer client's established tunnel to the destination and you then you are prompted for password and then the connection establishes afterwards.
Solution 2:
Teamviewer uses port 80 to make a connection to a central server. If the connection is made, you get a unique ID, and the server knows you're online. All communication can happen over port 80 if other ports are blocked.
Teamviewer does allow you to connect directly to an IP-address. You have to set this in the options, to allow incoming LAN connections. This works for local networks, and probably for WAN networks as well, but then you have to get portforwarding working, to get port 80 to connect to the right computer behind the router/firewall. That makes things difficult for most people, and unmanageble for most of the rest, so then we use the Teamviewer ID method.
I don't know if this means that all traffic goes via the teamviewer servers, but it might. (And as it registers all clicks and keypresses, that probably means that they could - in theory - and since we know about PRISM etc probably in reality as well - know about all your logins and secret keys.)