Remote configuration management allows system configuration changes to be performed through the network without needing access to the console of the system being configured. A technician can also work on someone's computer remotely without needing to be physically present at a location. This is often done by installing remote control software or a service to allow the two connecting devices to communicate. Sometimes special protocols are used for this function. Remote configuration management can be used for:
- diagnosing problems/troubleshooting
- asset discovery
- patch management
Remote configuration management tools usually alert the user when someone is trying to connect to the computer. Furthermore, in order to limit malicious activity, the user or administrator can usually determine the level of permission or control granted to the software. Hackers have exploited remote configuration management tools and services to gain access to computers and cause havoc.
Microsoft's remote desktop protocol, port 3389, was maliciously used by hackers to trick users into allowing the hacker into their machines by posing as Microsoft personnel. Afterward, hackers would encrypt the user's machine, essentially locking the user out of their machine, and then demand money to unlock the device. This vulnerability was mainly exploited on older versions of Windows such as Windows XP.
Good security practices are imperative when using a remote configuration management tool. Such a service should be disconnected or turned off when it is not being used.