Programly detect if my machine remotely accessed

Question

I have a winservice running in one PC, it connected to server so we can push a command to this winservcice.

One of the command should be : isConnectedRemotly : which should return true if anyone connect to this machine from other machine (remotely), and for which username (the session username it connected to)

How I can do that?

score 0 · Answer 1 · answered Aug 18 '13 at 08:57

It depends... if you mean "is the calling process is running under a remote session, you could obtain the session id for the process and get info for the session to check if it is a remote session, with something like:

DWORD ProcessId; // filled by the calling program using GetCurrentProcessId()
DWORD SessionId, ByteCount;
LPTSTR Buffer;
if (ProcessIdToSessionId(ProcessId, &SessionId))
    if (WTSQuerySessionInformation(WTS_CURRENT_SERVER_HANDLE, SessionId,
                                   WTSIsRemoteSession, &Buffer, &ByteCount))
        if (WTSQuerySessionInformation(WTS_CURRENT_SERVER_HANDLE, SessionId,
                                       WTSUserName, &Buffer, &ByteCount))
        {   // copy away the user name in Buffer
            WTSFreeMemory(Buffer);
        }

Why need the second "WTSQuerySessionInformation" call (WTSUserName)?, No, I want to know: "is the username logged into a remote session" — Joseph, Aug 26 '13 at 09:07
The first call to `WTSQuerySessionInformation()` with parameter-3 = `WTSIsRemoteSession` determines if the user is logged into a remote session, the second call retrieves the user name (`WTSUserName`) — Edward Clements, Aug 26 '13 at 12:09

Programly detect if my machine remotely accessed

1 Answers1