I found a warning message on my Mac this morning, that TeamViewer found suspicious usage

TeleStefan · 2021-10-11T12:21:43+00:00

There was an error rendering this rich post.

I had some remote training on Friday and forgot to close the teamviewer app. This morning I found that message, curious whether somebody logged in I went to Extras Show log files. There was NO “incoming connections” file so I had incoming connections on Friday (where I used it).

The general and network log files begin on Saturday around 6 am.

Is this an obvious hint that somebody has been able to login and deleted before leaving the device all log files?

I checked today and asked the colleague from Friday to login again. This immediately generates a incoming connections file with login data from today. But I”m really worried that there were no log data from Friday / Saturday.

Is TeamViewer automatically cleaning them? Does anybody know whether there is a protection against brutal force?

Best regads

Stefan

Find more posts tagged with

Security

Accepted answers

All comments

TeleStefan

as it’s a Mac the directory with log files was located at different location. However the incoming-connection file was not there like deleted. When starting new connections today I see it’s generated again and new sessions are appended. So as I know there should have been connections a from Friday I wonder why the file was no longer there this morning. Furthermore can anybody confirm when TeamViewer presents this message on the screen “be careful we detected suspicious traffic or behavior”?

thank you

stefan

JeanK

Hello @TeleStefan,

Good thing that you have reached out to us!

We do have brute force protection:

https://community.teamviewer.com/English/kb/articles/3967-what-is-brute-force-protection

The incoming connection file is located here:

C:\Program Files (x86)\TeamViewer

The file is called Connections_incoming.txt

Could you please check in this location?