ConnectWise ScreenConnect

ConnectWise Control
Original author(s)	Elsinore Technologies
Developer(s)	ConnectWise, LLC
Stable release	22.5.7881 / 16 May 2022;2 years ago
Operating system	Windows ; Linux ; macOS ; Android ; iOS
Type	Remote desktop software
License	Proprietary
Website	screenconnect.connectwise.com

Last updated October 31, 2024

ConnectWise ScreenConnect, previously ConnectWise Control, is a self-hosted remote desktop software application. It was originally developed by Elsinore Technologies in 2008 under the name ScreenConnect, and is now owned by ConnectWise Inc.

History

Former ScreenConnect logo

Elsinore Technologies developed ScreenConnect in 2008 as an add-on to their RMM Software IssueNet in order to assist in providing remote support to end users. They later began distributing the software as a standalone product.^[1]

Acquisition by ConnectWise

On February 11, 2015, PSA company ConnectWise announced their acquisition of the ScreenConnect software in order to improve the remote control features of the latest release of their RMM Software, LabTech.^[2] ScreenConnect, LLC announced that, despite being acquired by ConnectWise, they would continue to operate under their original name in addition to offering their software as a standalone product.^[3]

Starting in early 2017, ConnectWise changed the name of ScreenConnect to ConnectWise Control, saying that this was to simplify their software under one company.^[4]

On May 15, 2023, ConnectWise Control was rebranded back to ConnectWise ScreenConnect.^[5]

On Thursday, February 22, 2024, version 6 of the self-hosted edition server application of ScreenConnect reported a vulnerability. A patch was available for the latest version (23) the same day, offering a temporary free upgrade.^[6]

Product

How it works

The product is available as a cloud hosted Software as a Service (SaaS) or self-hosted server application^[7]^[8] that permits the primary user to host the software on their own servers, PC, virtual machine (VM), or virtual private server (VPS). Once installed, the central web application can be made visible inside and outside of the local area network (LAN). ConnectWise ScreenConnect has a proprietary protocol and exposes an open architecture structure that can be utilized by users to implement custom plugins, scripting, or various integrations.

A generic use model would start with a host initiating a session through the central web application. A participant would then join a session by clicking on an email link or via the guest page of the application. An unattended client can be created and deployed to a targeted machine without the need for human intervention.^[9]^[10] The executable is ScreenConnect.ClientService.exe (x86) on Windows based OSs, and is a signed by a COMODO RSA Code Signing CA certificate [Publisher: ScreenConnect Software].

Features

Most commonly expected features for a product in this arena are present. Examples include reboot and reconnect, drag and drop file transfer, screen recording, safe mode support, multiple monitor, command line access, wake-on-LAN, VoIP, chat, and a custom toolbox for quick deployment of support tools.

In addition to features that facilitate communication, ConnectWise ScreenConnect also offers complete control over branding and customization of the product design, logo, color scheme, icons, text strings, and localization.

Security

The software is self-hosted providing users the ability to control the flow of data behind their own firewall and security implementations. ConnectWise Control uses 256-bit AES encryption to package and ship data, supports two factor authentication, has server level video auditing, and granular role-based security. Forms-based and Windows Authentication are optional authentication methods for security purposes.

Compatibility

Host (presenter or technician): can utilize Mac, Linux, Windows, iOS or Android operating systems. Guest (customer or participant): can connect from Mac, Linux or Windows. ConnectWise ScreenConnect can also be utilized to remotely support Android devices, with complete view and control available for devices manufactured by Samsung.

Technology

Server

The on-site ConnectWise ScreenConnect server is self-hosted, and runs as a .NET Framework application. On Microsoft Windows it runs as a set of services. In 2015, ConnectWise ScreenConnect launched a hosted cloud platform, providing a way to use the ConnectWise ScreenConnect software with no local server installation required.

The ConnectWise ScreenConnect server runs as a set of four discrete services:

The Web Server service is an outward-facing ASP.NET HTTP application and serves as a portal for both technicians and their end-users
The Relay service provides outward-facing in-session communication and operates on TCP sockets. Communication is encrypted with the AES-256 block cipher.
The Session Manager service provides a data store for both the Web Server and Relay services. It is implemented as WCF SOAP web service.
The Security Manager service provides a data store for security-related activities, including authentication and auditing

Clients

ConnectWise ScreenConnect sessions are arranged through the web application. Once users join sessions, a ConnectWise ScreenConnect client is launched to connect to the Relay service. ConnectWise ScreenConnect targets clients based on device and operating system:

The .NET client is targeted to Microsoft Windows computers and is activated with a custom URI Scheme which starts the session from an installed handler on the controller's workstation.^[11] For end-users joining a support session, a variety of bootstrappers can be used including Microsoft's ClickOnce technology.^[12]
The Java client is targeted to OS X and Linux computers and is activated with Java Web Start.
The iOS client is targeted to iPhones and iPads.
The Android client is targeted to Android phones and tablets.

Licensing model

ConnectWise ScreenConnect is commercial software. Licenses sit in a pool and are available to any user on any workstation. There are three types of license: a single concurrent that allows one simultaneous connection per license, an unlimited which allows an unlimited number of concurrent sessions as long as all sessions are utilizing the same server, and enterprise licenses which provide flexible options for SaaS, multi-user, or custom functionality.

The concurrent license types are bought as a one-time purchase, with lifetime support. A subscription model is used for updates, which are free during the first year after purchase, after which the "update license" must be renewed. Pricing for updates depends on when the update license was last-renewed.^[13]

Misuse

The program under its previous name of ScreenConnect has been used in fraudulent technical support scams where the fraudster is able to gain the control of the victims computer by telephoning and tricking the user to install the software and permitting a connection. The free trial period has been utilized to avoid any software costs in doing this, and similar products such as TeamViewer ^{[ broken anchor ]}, AnyDesk and Ammyy Admin have also been used for the scam.^[14]^[15]

Cybercriminal group LockBit exploited vulnerabilties in ScreenConnect.^[16]

Related Research Articles

Virtual private network (VPN) is a network architecture for virtually extending a private network across one or multiple other networks which are either untrusted or need to be isolated.

VNC is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse input from one computer to another, relaying the graphical-screen updates, over a network. Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.

RealVNC is a company that provides remote access software. Their VNC Connect software consists of a server and client application, which exchange data over the RFB protocol to allow the Viewer to control the Server's screen remotely. The application is used, for example, by IT support engineers to provide helpdesk services to remote users.

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft Corporation which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

NX technology, commonly known as NX or NoMachine, is a remote access and remote control computer software allowing remote desktop access and maintenance of computers. It is developed by the Luxembourg-based company NoMachine S.à r.l. NoMachine is proprietary software and is free-of-charge for non-commercial use.

<span class="mw-page-title-main">Quick Assist</span> Microsoft Windows remote access feature

Quick Assist is a Microsoft Windows feature that allows a user to view or control a remote Windows computer over a network or the Internet to resolve issues without directly touching the unit. It is based on the Remote Desktop Protocol (RDP). It is complemented by Get Help, a feature introduced in Windows 10 that enables the user to contact Microsoft directly but does not allow for remote desktoping or screen sharing.

A home server is a computing server located in a private computing residence providing services to other devices inside or outside the household through a home network or the Internet. Such services may include file and printer serving, media center serving, home automation control, web serving, web caching, file sharing and synchronization, video surveillance and digital video recorder, calendar and contact sharing and synchronization, account authentication, and backup services. In the recent times, it has become very common to run hundreds of applications as containers, isolated from the host operating system.

Microsoft Application Virtualization is an application virtualization and application streaming solution from Microsoft. It was originally developed by Softricity, a company based in Boston, Massachusetts, acquired by Microsoft on July 17, 2006. App-V represents Microsoft's entry to the application virtualization market, alongside their other virtualization technologies such as Hyper-V, Microsoft User Environment Virtualization (UE-V), Remote Desktop Services, and System Center Virtual Machine Manager.

In computing, the term remote desktop refers to a software- or operating system feature that allows a personal computer's desktop environment to be run remotely from one system, while being displayed on a separate client device. Remote desktop applications have varying features. Some allow attaching to an existing user's session and "remote controlling", either displaying the remote control session or blanking the screen. Taking over a desktop remotely is a form of remote administration.

This page is a comparison of notable remote desktop software available for various platforms.

Inductive Automation is a supplier of web-based industrial automation software based in Folsom, California, US. The Ignition SCADA platform is the company's main product line.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.

A hosted desktop is a product set within the larger cloud-computing sphere generally delivered using a combination of technologies including hardware virtualization and some form of remote connection software, Citrix XenApp or Microsoft Remote Desktop Services being two of the most common. Processing takes place within the provider's datacenter environment with traffic between the datacenter and the client being primarily display updates, mouse movements and keyboard activity.

GraphOn GO-Global is a multi-user remote access application for Windows. GO-Global is a product of GraphOn Corporation.

GroupWise is a messaging and collaboration platform from OpenText that supports email, calendaring, personal information management, instant messaging, and document management. The GroupWise platform consists of desktop client software, which is available for Windows,, and the server software, which is supported on Windows Server and Linux.

QVD is an open-source virtual desktop infrastructure (VDI) product built on Linux. Its main purpose is to provide remote desktops to users.

Chrome Remote Desktop is a remote desktop software tool, developed by Google, that allows a user to remotely control another computer's desktop through a proprietary protocol also developed by Google, internally called Chromoting. The protocol transmits the keyboard and mouse events from the client to the server, relaying the graphical screen updates back in the other direction over a computer network. This feature, therefore, consists of a server component for the host computer, and a client component on the computer accessing the remote server. Chrome Remote Desktop uses a unique protocol, as opposed to using the common Remote Desktop Protocol.

Ignition is an Integrated Software Platform for SCADA systems released by Inductive Automation in January 2010. It is based on a SQL Database-centric architecture. Ignition features cross-platform, web-based deployment through Java Web Start technology. The Ignition platform has three main components: the Ignition Gateway, the Designer, and the runtime clients. Independent modules provide separate functionality in any or all of the platform components. Ignition SCADA modules provide features such as: Real-Time Status Control, Alarming, Reporting, Data Acquisition, Scripting, Scheduling, MES, and Mobile support.

Outline VPN is a free and open-source tool that deploys Shadowsocks servers on multiple cloud service providers. The software suite also includes client software for multiple platforms. Outline was developed by Jigsaw, a technology incubator created by Google.^[3]

References

↑ "About ScreenConnect Remote Support Software and ScreenConnect Software, LLC". ScreenConnect. ScreenConnect, LLC. Retrieved 3 April 2015.
↑ "ConnectWise Acquires ScreenConnect". ConnectWise. Archived from the original on 6 April 2015. Retrieved 3 April 2015.
↑ "ScreenConnect joins the ConnectWise family!". ScreenConnect. ScreenConnect, LLC. Retrieved 3 April 2015.
↑ "ScreenConnect is Now ConnectWise® Control™". Connectwise. Retrieved 3 June 2017.
↑ "We're bringing back the ScreenConnect name | ConnectWise". screenconnect.connectwise.com. Retrieved 2023-05-15.
↑ "ConnectWise ScreenConnect 23.9.8 security fix". ConnectWise. 19 February 2024.
↑ Wareprise Remote Support Software
↑ Ohlhorst, Frank (June 9, 2013). eWeek ScreenConnect Shifts Remote Support From the Cloud Back to the Desktop
↑ Jon Jacobi PCWorld Reviews ScreenConnect Archived 2011-04-30 at the Wayback Machine
↑ "Remote Support Software and Services | ConnectWise Control". Archived from the original on 2010-04-19. Retrieved 2010-12-02.
↑ "ScreenConnect 5.2 Release Log". ScreenConnect Remote Support Software User Forum. ScreenConnect, LLC. Archived from the original on 8 April 2015. Retrieved 3 April 2015.
↑ "Softsea reviews ScreenConnect". Archived from the original on 2010-08-18. Retrieved 2010-12-02.
↑ "Upgrade your ScreenConnect Remote Support Software". ScreenConnect. ScreenConnect, LLC. Retrieved 16 April 2015.
↑ Sean Gallagher (28 January 2017). ""You took so much time to joke me"—two hours trolling a Windows support scammer". Ars technica. Archived from the original on 2 August 2018. Retrieved 25 October 2018. Details of a technical support scam misusing ConnectWise Control with the (now discontinued) URL FIX2X.SCREENCONNECT.COM.
↑ Technical support scammers (8 July 2017). "Fake ConnectWise Control login purporting to be British Telecom support (note name of site)". bttechnicaldepartment.screenconnect.com. Archived from the original on 8 July 2017. Retrieved 8 July 2017.
↑ Goodin, Dan (22 February 2024). "Ransomware associated with LockBit still spreading 2 days after server takedown". Ars Technica. Retrieved 23 February 2024.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "About ScreenConnect Remote Support Software and ScreenConnect Software, LLC". ScreenConnect. ScreenConnect, LLC. Retrieved 3 April 2015.

[2] "ConnectWise Acquires ScreenConnect". ConnectWise. Archived from the original on 6 April 2015. Retrieved 3 April 2015.

[3] "ScreenConnect joins the ConnectWise family!". ScreenConnect. ScreenConnect, LLC. Retrieved 3 April 2015.

[4] "ScreenConnect is Now ConnectWise® Control™". Connectwise. Retrieved 3 June 2017.

[5] "We're bringing back the ScreenConnect name | ConnectWise". screenconnect.connectwise.com. Retrieved 2023-05-15.

[6] "ConnectWise ScreenConnect 23.9.8 security fix". ConnectWise. 19 February 2024.

[7] Wareprise Remote Support Software

[8] Ohlhorst, Frank (June 9, 2013). eWeek ScreenConnect Shifts Remote Support From the Cloud Back to the Desktop

[9] Jon Jacobi PCWorld Reviews ScreenConnect Archived 2011-04-30 at the Wayback Machine

[10] "Remote Support Software and Services | ConnectWise Control". Archived from the original on 2010-04-19. Retrieved 2010-12-02.

[11] "ScreenConnect 5.2 Release Log". ScreenConnect Remote Support Software User Forum. ScreenConnect, LLC. Archived from the original on 8 April 2015. Retrieved 3 April 2015.

[12] "Softsea reviews ScreenConnect". Archived from the original on 2010-08-18. Retrieved 2010-12-02.

[13] "Upgrade your ScreenConnect Remote Support Software". ScreenConnect. ScreenConnect, LLC. Retrieved 16 April 2015.

[arstechnica-1-14] Sean Gallagher (28 January 2017). ""You took so much time to joke me"—two hours trolling a Windows support scammer". Ars technica. Archived from the original on 2 August 2018. Retrieved 25 October 2018. Details of a technical support scam misusing ConnectWise Control with the (now discontinued) URL FIX2X.SCREENCONNECT.COM.

[BTtech-15] Technical support scammers (8 July 2017). "Fake ConnectWise Control login purporting to be British Telecom support (note name of site)". bttechnicaldepartment.screenconnect.com. Archived from the original on 8 July 2017. Retrieved 8 July 2017.

[16] Goodin, Dan (22 February 2024). "Ransomware associated with LockBit still spreading 2 days after server takedown". Ars Technica. Retrieved 23 February 2024.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

v t e Remote administration software
General	Remote desktop software Comparison of remote desktop software
Implementations	Absolute Manage AetherPal AnyDesk Apple Remote Desktop Chrome Remote Desktop Citrix Virtual Apps ConnectWise Control Crossloop IBM BigFix LogMeIn Microsoft System Center Configuration Manager NetSupport Manager pcAnywhere RealVNC Remote Desktop Services Remote Utilities RescueAssist RustDesk scrcpy Secure Shell Splashtop TeamViewer ThinLinc TightVNC Timbuktu UltraVNC Virtual Network Computing NX technology
Controversial Implementations	Back Orifice Back Orifice 2000 NetBus Sub7