The client also starts firing UDP packets at you. The client is signaled that you intend to connect and is given your IP. Your machine then begins firing UDP packets at the client. The main server then gives you the IP address of the client machine. When you hit connect your machine tells the main server its intention. The target machine (client) also has a TCP connection to the main TeamViewer Server. In order to pin hole your machine (viewer) has a TCP connection back to the main TeamViewer server. This can be locked down on enterprise grade devices, but in general 90% of the firewalls out there will allow return traffic. If they see an inbound packet that matches an outbound packet they will generally allow the packet through even without a specific rule being placed in the firewall's access list. Firewalls are designed to look for UDP packets and record the source and destination as well as the timestamp. This means packets are fired off at their target with no verification (at the protocol level) that they were received or even reached the destination. To elaborate on ewanm89's post, TeamViewer does use UDP pinholeing.
0 kommentar(er)
