RE: Taking control of ones machine
From: Darren W. MacDonald (darrydoo@sympatico.ca)
Date: 12/21/01
- In reply to: Steven Bonici: "Taking control of ones machine"
From: "Darren W. MacDonald" <darrydoo@sympatico.ca>
To: "'Steven Bonici'" <sbonici@groupea.com>, <focus-ms@securityfocus.com>
Date: Thu, 20 Dec 2001 22:08:41 -0500
Steven:
I was presented with the same Webex situation in September 2000. I
requested some information from Webex on how it worked, and got nowhere
with them. The tech that I spoke to, Charles, couldn't tell the
difference between Netscape and IE, couldn't/wouldn't tell me how it
worked or what the security risks were, but he assured me that it was
safe. (!) Management decided that my concerns weren't valid.
Since then, three different groups at the company I work for use it, for
three different applications: Aperture, Manugistics, and Aldon. All
groups are using it for software support and web meetings from the
vendors, IIRC. It basically allows sharing of applications and the
desktop across port 80, similar to Netmeeting -- except it's just a
plugin. I really dislike that it uses port 80 -- it basically nullifies
firewall rules (unless you block IP addresses to webex.com and any other
Webex servers entirely, I suppose). The three companies I have
experience with all use the webex.com domain.
In all the sessions I saw, users had to grant permission for the
requesting party to take control, and sessions can be interactive or
look only; however, I don't know if this is always the case. My comfort
level isn't all that high, as it's a black box that I don't know enough
about and can't get any information about.
HTH
Darren
> -----Original Message-----
> From: Steven Bonici [mailto:sbonici@groupea.com]
> Sent: Thursday, December 20, 2001 3:25 PM
> To: 'focus-ms@securityfocus.com'
> Subject: Taking control of ones machine
>
>
>
> You have to forgive me with the following questions, as I am not sure if
> this is the right group.
>
> We have been asked by one of our software vendors to allow them to use WebEx
> to take control of one of our servers. They explained to me that all I need
> to do is to install a "plug-in" and they can take control of the server
> through a web browser. We staged a test with a test server, and they came
> right in and took control. Isn't way too easy?
>
> I haven't contacted them yet, I thought I would ask here first. Is there
> any documentation or white papers into how this actually works and what can
> be done to protect the machine? Does anyone have any insight into WebEx? I
> am really curious as to how easy this is. I know once you go to the WebEx
> web site you need to agree and "allow" someone to actually connect, but it
> just seems way too easy.
>
> I know that websites can grab information from your browser, but again I
> would love to know "how" and all this seems to be connected in some way. I
> downloaded a copy of "pcaudit.exe" (by Internet Security Alliance), and that
> just goes to prove how vulnerable one is.
>
> Any information would be greatly appreciated.
> Thanks - Steven