Re: gotomypc

From: Rainer Duffner (rainer@ultra-secure.de)
Date: Sun Mar 10 2002 - 06:05:42 PST

Next message: Jacek Lipkowski: "RE: Modem detection in a LAN"

Previous message: R. DuFresne: "Re: gotomypc"
In reply to: kevin mckay: "gotomypc"
Next in thread: Ken.Williamsat_private: "Re: gotomypc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

kevin mckay writes: 

> Has anybody dealt with the services from https://www.gotomypc.com it
> seems to allow end users to completely circumvent an existing network
> security infrastructure.

I think that is just one of several ones:
http://directory.google.com/Top/Computers/Security/Internet/Privacy/Tools_an 
d_Services/ 

Though not all will do the same.
Most notably, to me, is htthost/httport:
http://www.htthost.com/ 


> The user signs up with gotomypc and establishes a out bound connection
> through the firewall to a go to my pc server, then there server listens
> for a connection that is connected to your internal network
> and the scariest thing is that the listining ports for inbound
> connections are on a gotomypcserver so how would you even audit?.

Once the tunnel is encrypted, there are not many options left:
 - blackhole the relevant IP-adresses -> this becomes futile once users
  use htthost on one of their home DSL-lines
 - run spyware (SMS etc) on the client-pc and employe an armada of
  tech-support people to periodically check every employee-PC for what
  the user has running. -> this will probably boost the economy and get you
  bonus-points from HR and upper management
 - try to lock down the client-configuration to up the ante for the
  employees -> helps until someone has found a way to circumvent it, until
  then it might even annoy the honest users
 - install host-based IDS -> mitigates break-ins that can occur and helps
  pin-down the individual in case 

Finally:
 - admit it is a social problem, that cannot be totally dealt with
  technology only. 

 

cheers,
Rainer
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner                   Munich
rainer@ultra-secure.de          Germany
http://www.i-duffner.de        Freising
========================================
    When shall we three meet again
  In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Jacek Lipkowski: "RE: Modem detection in a LAN"
Previous message: R. DuFresne: "Re: gotomypc"
In reply to: kevin mckay: "gotomypc"
Next in thread: Ken.Williamsat_private: "Re: gotomypc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Mar 10 2002 - 09:33:12 PST