• Ralf B
    1
    Hello,
    I have pretty annoying problem with the new version 2.2
    Background:
    I'm managing my firewall manually, inbound and outbound connections are not allowed until I create the specific rules. I'm using Windows Firewall Control from Binisoft to manage my firewall rules.
    It seems that on every reboot Remote Assistant searches for rules containing "remote assistant.exe", deletes them (inbound AND outbound), and creates a new rule to allow an inbound connection.
    While this is acceptable for an average joe, it kinda blocks itself in this more restricted environment (homelab) by not creating a rule to allow outbound connections.

    Deleting manually set firewall rules is a no-go.

    How do i get rid of this behaviour? A remote access tool that kills itself upon restart is useless and I wont sacrifice my network security because Remoste Assistant uses a quick-and-dirty aproach to configure the Windows firewall.
  • Ralf B
    1
    No answer why Remote Assistant is deleting firewall rules? That makes your software unusable in a business environment.
    Come on, I thought i was dealing with professionals....
  • Matt
    91
    Do you see any unusual activity in the event logs?
    For further investigation we need diagnostic logs from the software(Main menu > diagnostic). Be sure to add that these logs are for Sergey N in the issue description and past the link to this forum thread.
    Once the ticket is created please also attach event logs from the machine and continue communication in the ticket system.
  • Sergey N
    26
    I'm managing my firewall manually, inbound and outbound connections are not allowed until I create the specific rules. I'm using Windows Firewall Control from Binisoft to manage my firewall rules.
    It seems that on every reboot Remote Assistant searches for rules containing "remote assistant.exe", deletes them (inbound AND outbound), and creates a new rule to allow an inbound connection.
    While this is acceptable for an average joe, it kinda blocks itself in this more restricted environment (homelab) by not creating a rule to allow outbound connections.
    Ralf B

    Hello Ralf,

    This is a predicted behavior and nothing really scary here. Those ports are being opened for Direct Connect functionality of the software, to disable it you can simply switch off this functionality in the Options - Incoming Connection - Direct Connection LAN and Internet. I agree that we haven't documented it yet, it is coming and will be released really soon, o hand just as a heads up mostly all of the bigger Remote Software complexes do this. Sorry for any inconvenience caused.
  • Ralf B
    1

    I just switched off the two options you mentioned. The rules are still getting deleted.
    But if this is a predicted behaviour, why only creating an inbound connection and not an outbound connection? And why deleting manually set firewall rules in the first place? This just doesnt add up, someone just messed things up in this version.
    And i dont think any event logs would help, this is something that is hard-coded into the programm, so a look a the source code is the right way to go, not logs....
    Every reboot i have to manually re-set those firewall rules. If im not physically at the machine at a reboot (windows updates and such) i get locked out. That cant be an expected behaviour.

    "o hand just as a heads up mostly all of the bigger Remote Software complexes do this"
    I'm the admin of multi-national and multi-million-dollar company and every software that tries to fiddle with our security like that will get the boot. To be fair, we are working with hardware firewall appliances in our different networks so changing windows firewall rules would be useless in a our business environment anyway.
  • Sergey N
    26
    Hello Ralf,

    I just switched off the two options you mentioned. The rules are still getting deleted. But if this is a predicted behaviour, why only creating an inbound connection and not an outbound connection?Ralf B

    So let us make sure that we are on the same page, by expected behavior I meant creating those rules, not deleting any existing ones. As for the Inbound connection only it is pretty much simple, outbound ports are 80 and 443 which are usually open for software to use.

    And why deleting manually set firewall rules in the first place? This just doesnt add up, someone just messed things up in this version.Ralf B

    This is unexpected behavior and I have already reported it to our R&D to check and correct in the next versions, I was able to reproduce it on a few test machines. However, there are things we need to consider.

    Every reboot i have to manually re-set those firewall rules. If im not physically at the machine at a reboot (windows updates and such) i get locked out. That cant be an expected behaviour.Ralf B

    One of them is the usage of Windows Firewall, in my personal opinion it is garbage, it has too many flaws, it had too many exploits and basically it is not safe (over 30 CVE's publically available and who knows how many private one's) . Secondly, we have to consider the "Average Joe" that you mentioned, try explaining a novice PC user that just simply wants to connect and help his Grandma what is Firewall and how to open the ports in it.

    Summarizing it all up, we surely understand what do you mean and why it is important for you and we are really grateful for pointing it out for us. I will personally make sure that we document this better and allow disabling this behavior in the next release. Thank you.
  • RtheC
    3
    Found this thread after having the exact same issue - any chance there has been any resolution to this problem?

    I'm also using the firewall controls from binisoft with everything locked down to rules/permission only.

    Cloud.Ra.Service stays in the rules, but as with Ralf, the remote assistant is removed from the rules at each boot.
  • Sergey N
    26
    hello, we are already discussing this with our R&D, however, I cannot really give you any ETA on the implementation of the feature. Thank you.
  • Ralf B
    1

    I've built myself a workaround.
    Just create a batch file, i.e. AllowRemoteAssistance.bat, and add the following lines:
    ping localhost -n 30
    "C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe" -allow "C:\Program Files\Remote Assistant\Remote Assistant.exe"
    
    Just drop that file in "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp", that's the autostart for all users in Windows 10.
    The ping command is used for a delay of ~30 seconds to ensure everything has been loaded before adding the firewall rules.

    For people who are not using WFC and manage their firewall completely manually, here is a solution for you:
    ping localhost -n 30
    netsh advfirewall firewall add rule name="RemoteAssistanceInbound" dir=in action=allow program="C:\Program Files\Remote Assistant\Remote Assistant.exe" enable=yes
    netsh advfirewall firewall add rule name="RemoteAssistanceOutbound" dir=out action=allow program="C:\Program Files\Remote Assistant\Remote Assistant.exe" enable=yes
    

    Be aware that netsh-commands need administrative privileges, so dropping that file in autostart might not work with UAC enabled.

    BTW:
    I have to smirk every time when i see the words "implementation of the feature" instead of "fixing the bug".
  • RtheC
    3

    I had considered doing something similar, but hadn't gotten around to it yet - good job.

    I can understand deleting the firewall rule, totally acceptable for a one time use - but as soon as that unattended access option is checked, the rule should be permanent.
  • Sergey N
    26
    Hey there Ralf, a damn good job! I will show it to the dev's and maybe they will be able to come out with a utility of some sort with the same actions.
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment