Remote Desktop without ANY Software | Out-of-band Access
Вставка
- Опубліковано 11 лип 2024
- Let's go over remotely accessing a computer that has NO Remote Access Software! .
►► Digital Downloads ➜ www.cttstore.com
►► Reddit ➜ / christitustech
►► Titus Tech Talk ➜ / titustechtalk
►► Twitch ➜ / christitustech - Наука та технологія
I can see why people want to have this and AMD's PSP disabled, it's creepy in personal environments but at the same time probably super handy in professional environments.
Thank you, Chris. Good content this week.
AMT has just again been hit with a serious security issue. Opening up to persistent malware/rootkits that go beyond the os and unless you flash, and that is almost impossible unless you know exactly what you're doing as it's not easy to reflash Minix as there is no software provided. That's what they get for taking Minix OS and putting a backdoor in it. I would advise it for non production and behind some real firewalls as software firewall on this thing will be bypassed. AMT is very dangerous for someone who doesn't know. CVE-2020-8758 for those interested. It's at almost 10/10 severity. 10/10 is RARE and is the UPMOST critical, intel has just published this but no one is reporting on it. It's a VERY SEVERE stop everything you're doing critical. CVE-2020-8758 - Year 2020
I only know of this as 'out of band management'.
'in-band' management is the term I've used for software based management, such as RDP, SSH, et al.
Looking at the intel AMT wiki page it refers to the same definitions. (en.wikipedia.org/wiki/Intel_Active_Management_Technology)
Just thought I'd mention that, just in case people get confused on the terminology.
Out of band management is management solutions that allow you to manage a system as if you're sitting in front of it. You can access the whole system, including BIOS.
It's incredibly useful, especially if an upgrade arses up and you lose ssh access, for example. Or remotely provisioning new servers, etc.
Correct as always! I think i mixed the terms up at the beginning, but you are right.
@@ChrisTitusTech You also called the Star Trek computer screens "Star Wars" at 7:30 ;)
It is nice that the program points out when your firmware is too old.
whoa whats that star trek looking pannel behind you? that looks freaking cooool. I typed too soon lol, Chris says what it is.
Ha! You're using the exact same wallpaper I got. :)
Great video btw.
Very helpful video....
I was looking for the StarTrek screen saver and found this: "PopOS 20 - MacOS Theme Image". Will this image work on an intel Macbook?
greath topic !! wel good info....
Does this work for intel vPro essentials cpu? or require "enterprise"
Next update: Remote desktop without opening your computer
everything is possible lol
"Telepathic maintenance for your PC"
@@ChrisTitusTech 😂😂😂😂
Did you get some new audio gear? It looks like there is some XLR connectors in the rack.
I already have Mesh it's very cool, was going to use vnc pro but way to expensive so I tripped over this looking for a free ver.
I know this vid is older but is there any vid you have done on what occurs differently when you install software using ESXi console vs RDP to a windows OS? We have a situation where an integrator installed some industrial control software and I had to manually add missing registry keys just to make all of it work. It's so random in what it missed that all are baffled. The manf now says that installing over RDP is not supported... but how to determine what was done incorrectly is of interest.
Nice introduction, I would love to hear more about Centos and its functionality on the back end.
What's so special about Centos functionality? It's just another disto, no more no less.
Awesome video! As a fellow sysadmin i always wanted to play with this but i could never find an easy and free way to do so.
It is however my reason to avoid Intel as much as i can in my personal systems, because this management engine that has THIS much low level access is present in any cheap including the non vPro ones. The vPro stuff is just disabled on those.
This does require a follow up video though, because i notice most MeshCommander video's do not touch on Intel AMT at all.
What i did find is a cool firmware loader tool they built so it can run directly from the target machine.
So it would be cool to show a vPro machine that is not initialized, how to initialize it and then how to load MeshCommander with the Firmware loader. That way you don't even need software installed and can manage it directly from the target machine in the future including the remote desktop.
Thanks Henk! I'll have to dig deeper on this as you are right and Intel ME is scary as hell as this was just a surface level video that only addressed vPro.
How do you know of you hace this feature? I have an IBM x3250 m4
What's a Star Track system? It's funny, it looks just like the LCARS from Star Trek
Hi, Can I use an Intel vPro CPU on a non-vPro motherboard?
I saw Your recomandation of chrome remote desktop. I installed it om my Manjaro server. I have been using nomachine for several years. Is this still Your reccomandation? I have a headless Linux server, the nomachine dosent work well With my Magic keyboard, therfore I am checing out Other solutions.
I have usedLinux sinne 2006, but the 5 last years I have been lazy, forgot a lot from When I was setting up postfix etc.. Basically my server runs plex and acts as a filserver over ssh/sftp. I wish to have a smooth experience when connecting to my server (Manjaro Xfce) from work.
I have Windows and Linux and they are unable to boot up, half way into the booting, the laptop will cut off and shut down, is this caused by the IME? Do I need to replace the CMOS battery as IME runs directly from it and not the main battery.
Does mesh commander also controls AMD systems?
What’s your opinion on Solus?
How does it compare to Pop os and Manjaro? I’m a gamer and I’m trying to find my first distro
Do NOT use Solus as your first distro. It is an obscure distro that doesn't have any support outside of the official site and forums. Pop OS would be my choice or Kubuntu. Manjaro would make for a good distro to roll if those don't fit your needs.
I have 3 Intel mult-icore machines. As far as I know only one has Vpro on the box. I will have to look very closely at it, before assigning it critical network duties. I will have to dig into my systems to see if this is a feature I want to use. It may be something I want to disable if possible. I am new to remote system management. Knowing about this backdoor may inform my choice of future machines. I I was thinking of adding another NIC to this machine anyway. That should bypass this "Feature" even if I lose a little speed. The new NIC would be in a PCI slot. Is this feature only on Desktops? Could it be buried in a Gaming Laptop? I know a few people who would sorry if it is. Thanks for more great work.
It’s very very nice.. the question is, do all(!) platform and devices with Intel vPro this capability? How do i know before buying whether it works or not? IIRC amd DASH needs specially boards which are virtually non existent and the pro CPUs. Even consumer chips finally even from Intel do support ecc.. bringing a pc in the basement as a home server without speeding crazy amount for sever with management modules would be nice. I bought used server as I run everything fully headless most of the time I am even in a different country yet I do so some housekeeping
"There is that nice little Star Wars theme." LoLz. That panel is from Star Trek. LoLz
Yet another, “You made “A” episode of CTT!
YaY linux in the morning, Ty Chris
Can intel 9700 vpro be used for gaming? I mean, I got one for free and i want to build gaming system with it if possible.
Mesh Commander is *outdated* and highly dependent on tonnes of npm libraries with *critical* *vulnerabilities* . Giving it God-like remote access to your servers is a bit risky.
Libs like *optimist* abandoned 9 years ago
Any idea what can be used today instead?
To your knowledge will this work with Linux (No GUI)?
"without ANY Software"
I probably should have said Agent-less as that would be more accurate.
@@ChrisTitusTech acknowledged :D
Chris Titus Tech: with preinstalled agent that has more rights than your OS you mean ;)
How about change bios settings?
Thank you.
Do You Open Website On Windows ?
Hmm . . . I have a couple of newer HP laptops, I wonder if this work work.
You kind of skipped over a really important step when you said enter the other computer's information. I want to be able to use this on my relatives' computer to help him with programs - so need to be able to remote into his computer with very little work on his part...
so - what do I need from him to be able to enter his computer information into the Mesh software?
Exactly. he miss that part totally. How do i access a computer on a different network? He didnt even go through that...
Could thos be used in a proctored exam to cheat?
Does this work over VPN
How to disable red and yellow colour line after establishing remote connections
No, it should be nuked from orbit!
Or at minimum, disabled - There have been numerous vulnerabilities discovered in vPro/MeBX over the past several years, and unless you constantly keep your BIOS updated each month, simply don't do it!
7:31 Whoa, please don't confuse Star Wars with Star Trek 😅 And is that remote display in 8 bits?
Haha, yeah I might have a riot on my hands. That is just a screen saver on a server 2008 R2 machine I have in the rack.
@@ChrisTitusTech Can you share the .scr file? :)
hey Chris!
how to make sure AMT vPro doesnt make my system vulnerable?'
if I dont use it
Just disable in BIOS
any way to get this on linux? preferably FOSS
This is OS agnostic as it is done at the hardware level.
Reread: MeshCommander can be launched via web server and built in npm.
MORE!!!
Once you use virtualization no need for ILO much. you just use console mode on your vcenter or hyper-v.
So true, typically only need iLO for firmware updates and host maintenance. Most times I needed to use iLO it was due to hardware failure in virtualized environments and had to run and grab a crash cart anyhow.
Does Intel Did Time Machine
Isn't ILO and iDRAC out of band management ?
Yes it is... I had a brain fart. In-Band management refers to software /facepalm
@@ChrisTitusTech we all have em, some are just more public than others! You had me doubting myself even though I work with them every day 😂 Keep up the good work sir
So was the star trek thing just a screen saver? Asking the real question here.
www.mewho.com/system47/ Here you go!
Took me two month to figure out that someone, so how was able to achieve rdp in my pc bios and at least four more of my friends pc's.
is out of band. or in band????
This is Out of Band... I fixed the title lol.
This dosen't sound like a system vulnerability at all.
Intel ME and old firmwares with vPro enabled are very vulnerable. That is why I made a little comment about updating firmware when utilizing this.
Any advice for lenovo x220 with vpro ? Not sure firmware update fix this ?
Finally Remote Access without a computer!11111
And that is guys, how the feds remote into your computer
Practically, it is not possible to get remote access of a computer without using any software. One has to use remote access tools like logmein, R-HUB remote support servers etc. or something else for remotely accessing computers from anywhere anytime.
Sysadmins wants..user no
Hey... Logitech MK710 keyboard..
Good eye!
@@ChrisTitusTech I have the same keyboard, with the M705 'marathon' mouse .
Thoroughly impressed with the battery endurance on both peripherals.
I bought the combo in 2012, still using the first set in the keyboard, now at 65% charge.
windows scares me now lol
mic, mic! lol
Yeah, Ethernet connections isn't safe at all, for Windows / Intel machines. Government will definitely gonna steal your ideas.
?
NSP
!!
Windows updates in the middle of producing a video. #^&$in' classic.
don't wanna live w/o it!!! I tried that...like before it was available and sneakernet was the only option >.< 4LZRZ! ;D
IPMI.
is NOT. ipmi has nothing to do with intel
@@skipad4306 I know. Just suggesting it as an alternative for "out of band"
IPMI is some what addressed in the video with HP iLO or Dell iDrac which are true IPMI. Intel vPro is like the poor man's IPMI without a seperate management interface.
IPMI
Da Ģ
Yeah update cause after some vers. u cannot even disable this crap nor downgrade. Remote access without consend. Sound like rape by IT guy.
I’m watching from an iPhone 7 Plus. And I’m unable to see anything useful because you keep the camera focused on yourself. Or too wide of an angle to see the part of the screen that has relevant content. Please focus on your editing and use zoom tools. Also choose voiceovers more often. Your content choices are great. The info you provide is great. But stop making it about you visually. Let the content come to the front and you need to disappear into the background while you’re showing stuff in this visual medium.
I'll try to do more zooms and such for phone users. A lot of times I am just moving so fast trying to get daily videos out. I need to just take my time and spend more time on editing doing the proper zooms and if I don't get a daily video out so be it. Hopefully here in the future I can just hire an editor and then just push all that work off.
Too many bullshits
Bogus
Practically, it is not possible to get remote access of a computer without using any software. One has to use remote access tools like logmein, R-HUB remote support servers etc. or something else for remotely accessing computers from anywhere anytime.