kevin mckay writes:

> Has anybody dealt with the services from https://www.gotomypc.com it
> seems to allow end users to completely circumvent an existing network
> security infrastructure.

I think that is just one of several ones:
http://directory.google.com/Top/Computers/Security/Internet/Privacy/Tools_and_Services/

Though not all will do the same.
Most notably, to me, is htthost/httport:
http://www.htthost.com/

> The user signs up with gotomypc and establishes an outbound connection
> through the firewall to a go to my pc server, then their server listens
> for a connection that is connected to your internal network
> and the scariest thing is that the listening ports for inbound
> connections are on a gotomypcserver so how would you even audit?

Once the tunnel is encrypted, there are not many options left:

- blackhole the relevant IP addresses
  -> this becomes futile once users use htthost on one of their home
     DSL-lines
- run spyware (SMS etc) on the client-pc and employ an armada of
  tech-support people to periodically check every employee-PC for what
  the user has running.
  -> this will probably boost the economy and get you bonus-points from
     HR and upper management
- try to lock down the client-configuration to up the ante for the
  employees
  -> helps until someone has found a way to circumvent it, until then it
     might even annoy the honest users
- install host-based IDS
  -> mitigates break-ins that can occur and helps pin-down the individual
     in case

Finally:
- admit it is a social problem, that cannot be totally dealt with by
  technology only.

cheers,
Rainer
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner Munich
rainer@ultra-secure.de Germany
http://www.i-duffner.de Freising
========================================
When shall we three meet again
In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Mar 10 2002 - 09:33:12 PST