Posted by ebunick
Digon

Re: Error: You established and aborted connections too frequently?

I have to agree - we regularly get connections dropping in China and I have team members regularly get locked out because of trying to connect on a poor quality connection.

I wish we had not pushed TeamViewer to our colleagues abroad in years gone by, as we're now stuck with third parties who expect us to use it.

Very dissapointing reply from TeamViewer.

Posted by hottweelz
Digon

Re: Error: You established and aborted connections too frequently?

Are you serious right now?  That's the answer? 

CLEARLY, Team Viewer was created and desgined by team members who are no longer existent within your company.

You guys are unable to update and change the code, I'm willing to believe that.

If you'd like some consultation on proper DR Testing, Dev, QA, ...any ITIL needs at all... reach out to me.

Your answer solidified my desire to NOT use this software anywhere currently...

Didn't realize you were still in Beta as it's clearly not Production-Ready.   You should probably warn users of that before roping them in.


Posted by D_
Digon

Re: Error: You established and aborted connections too frequently?

MK2:

Who are you trying to fool?
This "brute force protection" is counting connection attempts that never even got to the password exchange phase and connection attempts to computers that are assigned to us with easy access.

Posted by hottweelz
Digon

Re: Error: You established and aborted connections too frequently?

^ Very good point!   Plus, what's the value in "adding" to our list if that's not the case?  Is our own credentials not worth some sort of whitelist?

Posted by cirEOak
Digon

Re: Error: You established and aborted connections too frequently?

I recently engaged with my salesperson who wanted to sell me on the latest version (currently using v.12). I politely told her that I wasn't interested in buying anything until they listened to their customers about this very issue.

Her response:
"Thank you for the reply and feedback.

I do see the posting was initially submitted on 04/06/2017 and we addressed it the same day. The response is below:

This is actually an important security feature in TeamViewer, which has existed for quite a long time. The feature exists as one of the methods we use to protect TeamViewer from brute-force attacks from botnets or would-be hackers.

If someone tries to make multiple connections to the same TeamViewer ID over a short period of time, they will automatically be blocked, for several minutes, from making further connections. This will happen if you click the "Connect to partner" button repeatedly.

You will need to wait for the indicated amount of time before being able to connect again.

I did speak with high level support and they suggested I create a ticket for you in order to determine if a weak internet connection or something else is causing this. You will get an email with the ticket # which will request the logs from both of sides of the connection. If you can reply with these logs are support team will be able to tell you exactly what is going on. As a customer you qualify for live support vs. the free version community.

I hope you are able to get this resolved with support and please do reach out to me regarding any licensing concerns."

Their support team did reach out to me, but wanted me to install something else on my computer that collects information and refused to provided ANY information about the data it collects.

My continued annoyance is due to them thinking that their one response (which was rubbish, and didn't provide any more details than we already knew) qualifies them of "answering the question."

This and the latest issue about them not being clear to their paying customers regarding downtime is really leaving a bad taste in my mouth.

Believe me, I am looking for other solutions. Changing is painful, but I am trying to determine which is more painful, long-term.
Posted by Senior Moderator Senior Moderator
Senior Moderator

Re: Error: You established and aborted connections too frequently?

Brute force protection is not only there to protect the remote side.

Even if you try to establish too many connections quickly to multiple different devices, this is still covered by brute force as there are too many requests being sent to the server that can be used to overload our servers, this is why there is no "Override" button.

Also, please read up the thread. One of our supporters, Jeremy has replied multiple times to this thread with the same answer. I am definitely not the first staff member here.

-Scotty

Senior Moderator
Did my reply answer your question? Why not accept it as a solution to help others?
Posted by hottweelz
Digon

Re: Error: You established and aborted connections too frequently?

So it’s for your protection.

There’s some alternatives you should explore to resolve this. Apparently the masses of spoken.
Posted by cirEOak
Digon

Re: Error: You established and aborted connections too frequently?

Emphasis on YOUR.

See this is the thing. There are other ways to protect your servers, but how is disrupting a paying customer without warning or notification the right thing to do?
Posted by Senior Moderator Senior Moderator
Senior Moderator

Re: Error: You established and aborted connections too frequently?

Making sure that the server is not overloaded or attacked is clearly to our customers advantage.

I'm not sure how you could argue that making sure the service works is purely to our advantage and not to our customers.

-Scotty

Senior Moderator
Did my reply answer your question? Why not accept it as a solution to help others?
Posted by hottweelz
Digon

Re: Error: You established and aborted connections too frequently?

So a few thoughts:

You need to actually tell YOUR CUSTOMER "Please wait 10 seconds before reconnecting..."

That would've probably stopped this entire thread right here.

Secondly... do you think a hacker is going to manually "click connect" on a button a million times in order to flood a network?

Is the human finger that fast anyway?

Even an autoclicker, would fail, if you had that warning about 10 seconds.

If there IS A DDOS somehow via the frontend... thats a vulnerability in the software you're not telling us about that you can't figure out how to fix.

Which raises 197 more questions.... do we need to uninstall now?
Posted by D_
Digon

Re: Error: You established and aborted connections too frequently?

Scotty:

"Brute force" is a term that refers to password cracking, not denial of service attacks. Are you saying that a human manually tapping the refresh button 10 times in 10 seconds is enough traffic to be classified as a denial of service attack by the teamviewer network? That requires a lot more explanation before it will be plausible.

But if we assume that's true, that implies the teamviewer network is way too small to meet its demands due to being underfunded or poorly architected.

But let's assume that this network problem is actually intrinsic to all remote desktop systems rather than just teamviewer and any higher performance on other services is a result of them temporarily operating at a loss in order to try to compete with teamviewer. In that case, the development team should take a long hard look at the use cases "flaky or intermittent connection", "old or overburdened pc", and "intermittent pc uptime". It should be designed so people can connect and stay connected in these cases without having to manually poke the button until they get connected or banned.

Or they can just keep telling their PR people to spin it as a good thing.

Posted by elx
Proton

Re: Error: You established and aborted connections too frequently?

I have  to chime in and agree here. There are enough bugs and holes to jump through when setting up TeamViewer--multiple aborted logins are kind of par for the course. This timeout/security parameter should be left up to the user to adjust in Preferences; or there should be some quick way to override, like e-mail validation or 2-factor authentication.

I can't complain too much since I'm using the free license just for my home, but this happening to someone with a paid license during an important meeting would be a disaster. It really is something you folks should consider changing if you haven't already.

Posted by favsantos
Proton

Re: Error: You established and aborted connections too frequently?

Hi Scotty.

 

I am sorry but you (when I say "you" I mean the whole TV support who have answered to this thread) keep running away from the main point brought up here by most of the users.

I believe most people who have commented here will agree that WE UNDERSTAND the security need of this feature, HOWEVER, you cannot apply something like that WITHOUT warnings to the user. In ANY kind of system there will always be some kind of warning or notice that failure attemps will have a cost, and this cost NEEDS TO BE INFORMED.

If you could at least:

1) Warn the user BEFORE IT HAPPENS that after "x" attemps it will get locked out; and/or

2) Inform the user HOW LONG WILL TAKE to get the connection restored

If you would only apply those two things I am 100% sure that this thread (and others similar to it from my Google search about the issue) would be reduced drastically and less worry for you too. LET THE USER KNOW HOW IT WORKS in as much advance as possible, that's really simple.

I am not even going into the details of DoS technical details (as I agree with other users that this has nothing to do really with DoS attacks), just implement that and I believe most people will be happy.

I have a 12v paid license, and have been unable to help a staff of the company I am System Admin at because of that.

PLEASE LISTEN TO YOU CUSTOMERS, that's all.

Regards.

Posted by ebunick
Digon

Re: Error: You established and aborted connections too frequently?

hahaha... teamviewer don't listen to their customers. They just force you onto a subscription based license and pretend that a perk of this will be the added support for issues like this. They rely on customers like us becoming wedded to the product and having no simple option to migrate away.
Posted by mickee320
Electron

Re: Error: You established and aborted connections too frequently?

I've been waiting for an hour and still cannot connect .

Ho wlong are we supposed to wait?

this is ridiculous.

Posted by Gearbone
Neutron

Re: Error: You established and aborted connections too frequently?

Scotty and other admin - your attitude towards paying customers that are complaining about a feature that is clearly broken ( you guys state 10 minutes - some of us have to wait hours) isn't going un noticed. We are an MSP, have hundreds of remote agents and are now moving away from TeamViewer. Great going and we are going to make sure we let all of our other MSP's we deal with what garbage and **bleep** service you guys provide,

We had 3 remote nodes that have DEDICATED agents installed start doing this today. Client had an ISP issue which we were assisting remotely and since the connection dropped every few minutes we got "flagged" by this POS software and now cannot log in. Had to sign up for another service for remote support and since TV made us do that we are moving ALL of our clients to new solution.

Posted by AlexLeadingEdge
Henagon

Re: Error: You established and aborted connections too frequently?


@sharlow wrote:

This should really be changed to only count failed logins.

This limit just hit me when connecting to a flaky machine, I've disconnected and reconnected about a dozen times in the last two minutes and now it's telling me I have to sit and wait.

Brute force protection is a good thing, but valid correctly-authenticating connections are not a brute force.


I want to second this. I have a linux web server that I check every morning and every morning I need to attempt to connect to it between 3 to 6 times for TeamViewer on this server to "wake up" and start accepting logon requests. Sometimes it doesn't wake up and I exceed the number of times I can connect.

Posted by pvd
Henagon

Re: Error: You established and aborted connections too frequently?

I agree that you need security but I now sit waiting for "some time" which may be 15 min just because my connection dropped and I pressed retry too often. SO.. 

 

I fully agree with implementing security, BUT let me access the management console and remove the lock in 1-2 min rather than wasting 15 min of my time and more importantly wasting 15 min of my customers time - I'm just losing money/time/patience, my customers are losing faith in me fixing the issues they have and thats far far worse. 

I also note that any progreammer with a small brain could implement a try 4 times then sleep 15 min then try again process - this is not the right fix but thats another thing... 

so in summary yes please do keep me and you secure but let me have some control rather than using the brute force method of a timeout.