DuRPC

Released 24 years, 5 months ago. June 2000

Copyright © MegaSecurity

By rene


DuRPC
Informations
Author rene
Family DuRPC
Category Remote Access
Version DuRPC
Released Date Jun 2000, 24 years, 5 months ago.
Language Delphi
Additional Information
Server:
size: 570 KB

port: 2099 TCP

startup:
none

remark:
server icon is visible on taskbar

Author Information / Description
Du Remote PC (DuRPC.exe) Manual 
This program is FREEWARE, and fully functional. Options for a non-freeware version described below. 

DuRPC allows you to interact with the desktop of any pc running DuRPC in 
server modus using any TCP/IP (internet or LAN) connection,
presumed you know the correct password on- and IP adres or hostname of this server. 

Now you can remotely control your internet server, second computer,
print server; helpdesk a client computer; save a second monitor or whatever! 

Minimum system requirement: 


TCP/IP connection to another PC running DuRPC, LAN or Internet. 
Microsoft Windows 32-bit or compatible platform (Win 9x, NT4, 2000,
Millenium; not 3.1x or NT3.5x (or lower!) ). 
33k6 modem or better, Pentium 90 or better. 
56K modem, Pentium 266 or better recommended on both sides. 

Advantages 

Control multiple PC's with only one monitor, keyboard and mouse, even over the internet. 
Guarantees a descent connection, even by telephone line. Reduces network resource use. 
Stable 
Easy to use 
Secure logon protocol. Password is protected, and never goes over the network. No backdoors. 
Freeware! 

Disadvantages 

Consumes loads of processor power if available. Other applications or services get priority though! 

Version 
This is DuRPC beta 0.2 
Automatic update - if a executable with higher version number (DuRPCxxx) than 
the current running is placed into the same folder, the new executable will be
started automatically within 2 minutes, running in server mode and using current known password.
Connection to remote client will be lost, if connected one has to reconnect again.
This allows you to update server version remotely. 
We try to keep (no promises) DuRPC downword compatible, i.e. the client can
run a higher version number than the server. Not vice versa. 
This version is not yet fully completed. Things to improve are: 
Better screen analysis and change prediction 
Nicer screenbuild for the user. 
Keyboard input: only lower case allowed by now... working on. 
Compression on transferred data (note that with a modem connection,
modem protocol will do perfect compression! up to 12 Kb/s with 33K6 modem seems possible. 


Limitations 
Double clicking - one sometimes has to double click rather fast to make sure 
commands are send in the same network packet. 
Colors - for transmitting a false color palette with 8-bit depth is used.
Therefore, colors are 'rounded' for the nearest 8-bit color. 
Keyboard - not all characters are send, [CTRL][ALT][DEL] combination for examamle, 
or [ALT][F4] (which will in fact close your client window). 


Short how-to instructions: 
Start the application on two computers, hit 'serve' on one computer and enter a password. 

Enter the IP adres or hostname of this very computer into the edit box
of DuRPC on the other end and hit connect. If one gets no response within a few seconds 
just try to connect again. Make sure the hostname or IP adres is entered correctly,
that you use the correct password, and that both sides run the same version of DuRPC. 

Make sure the clock is running the same time, and that both PC's are in the same time-zone!!
(OR: adjust both clocks to GMT for example). This for inherent password security. 

DuRPC hides automatically when in server mode and gets connected.
One can gain control by clicking the tray-bar icon (near the time indication). 

Parameters 
On startup one can give optional parameters, most likely either two or none. 

DuRPC.exe [serve [password] ] 

Use the word 'serve' to let DuRPC serve immediately. Enter the password as second parameter. 
so a typical startup would be: 

durpc serve secret 

One could of course (manually) make a link to durpc.exe in your startup folder. 

Security 
Every hour, a new set of 70 20-byte log on sets are available.
A client just randomly picks one, the server checks to see if it's in range.
If it is, a connection can be established. 
Based on time and password, the client can generate a unique code. 
The time factor is build to make make sure any logon is a unique one. 
The server also keeps track of used logon's, and will never allow a connection
with the same logon again. This for avoiding someone capturing a network packet 
and logon with the same code. The code is based on the password, and will always be unique. 
Therefore the password is the essential key to logon. 
With this procedure, we avoided a hard client-server interacting to validate. 
As well did we avoid sending your password over the network. 
And we did avoid logging on with captured information. 
Only time this might fail, is on a spontanious reboot of the system, 
which with a good OS hardly will occur except with power failure. 
DuRPC is NOT a service. Therefore, machines running a server OS and need
manual logon to the desktop are inherent secure. 
Only machines which automatical reboot AND automatical logon to the desktop AND
automatical start DuRPC are potential insecure for a maximum period of one hour 
after the latest crash (which is needed to be insecure). 

Based on your password and the time, the computer renders a unique hash and sends
that to the server. This hash can only be used once. The server calculates,
based on the password and time, correct answers. This way, any logon send is unique. 

To logon without knowing the correct password is almost inpossible.
Capturing network packets and analyze them, thus someone viewing screen data might
in fact be possible, but controlling a PC without knowing the password is not. 

Presumed no one dissassembles this code and makes sense out of it and captures
a logon packet of you and let a password generator produce billions of passwords
to find the matching one... chances for a hacker to find a correct log-on are 1 on 2.0886E46. 

This would take a hacker probably beyond long after our very own sun has given up burning. 


USE @ YOUR OWN RISK. we think it's safe but WE'RE NOT RESPONSIBLE FOR ANYTHING. 

Faq 
Q: I set DuRPC in 'serve' mode and connected to localhost. Then the application hides. 
   How can I regain control? 
A: The traybar icon of DuRPC allows to control the state of DuRPC 
Q: Why does DuRPC hide when serving? 
A: This has to do with a nasty windows thing: if one remotely would like to
   move the application (holding mouse down at the blue bar) the mouse-events would get in an endless loop. 
Q: Could I better use PC-Anywhere or another (commercial) product? 
A: Yes, you could. There are also several freeware desktop-sharing programs for windows and for linux. 
   PC-Anywhere though has the nasty bug to be able to let your entire NT system hang,
   especially in combination with virus scanners and other "low-level" software. 
   DuRPC is 'just' an application and is not likely to do your system any serious harm.
   PC-Anywhere is a 'finished' product, with sophisticated keyboard controls and others.
   If you'd like to spend the money, it's entirely up to you. 
Q: I opened a telnet session to my windows 2000 machine, and started DuRPC from 
   the command line like: durpc serve mypass . I can connect but my screen stays white. Why? 
A: With telnet, you logged in as a seperate user. Telnet is text-only, therefore
   you don't have a desktop and durpc can't capture it then as well.
   You really must have physical access to this machine first to install durpc. 
Q: DuRPC sucks. You are amateurs! 
A: We don't mind. As creative developers we write software that is usefull for ourselves.
   If it might be handy for others we'll publish it. We even document it.
   Some people might like it, others don't. 

License 

This program is FREEWARE. 
If you're poor, don't bother and just use it. 
If you are less poor, or even rich, I dare to ask you a FEE. 
Any amount between $5 and $5 billion seems reasonable for me.
Just e-mail us or look at the web-site for the snail mail adres. 
What if you don't? 
If I ever see you in heaven sooner or later, and notice you were rich and used
my program reguarly and still did not give me a cent, 
I'll first beat ya up and then go complain at Jesus'

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.