RE: Taking control of ones machine
From: Darren W. MacDonald (darrydoo@sympatico.ca)
Date: 12/28/01
- Previous message: Brad Judy: "RE: Recent Mac/Win interop threads"
- Maybe in reply to: Steven Bonici: "Taking control of ones machine"
- Next in thread: H C: "RE: Taking control of ones machine"
- Reply: H C: "RE: Taking control of ones machine"
- Reply: Tom Love: "RE: Taking control of ones machine"
From: "Darren W. MacDonald" <darrydoo@sympatico.ca>
To: "'Eric Moore'" <ruztedrute@altavista.com>
Date: Thu, 27 Dec 2001 20:25:54 -0500

I understand and have used X Windows, and VNC, and SMS Remote Control,
and RDP/ICA, and PCAnywhere, and a myriad of other "remote control"
products. Webex is not in the same class. It's more like Netmeeting than
anything else, except it's not a big fat application that locked-down
users can't install, it's a much smaller ActiveX control.

The issue here is not how a remote control tool works in a general
sense; the issue is with the Webex ActiveX control. Specifically, why
its developers chose to use port 80 (which invalidates my firewall
rules, and makes it impossible to regulate this product, as anyone on my
network can go download it), whether or not its traffic is encrypted,
and how vulnerable the ActiveX control is (for example, if user goes to
badguy's website, and badguy's site can circumvent the so-called
authorization functionality of this tool, then badguy has the same level
of access on the PC, and on my network, as user -- and even if he can't
circumvent the authorization, he could get a gullible user to authorize
them via social engineering -- and since I'm not necessarily involved in
the process, I may not have the opportunity to educate said user).

Finally, my biggest concern is with the inability of Webex support
personnel to answer these, and other, questions. It appears that I'm not
alone in this problem, based on other messages in this thread.

TTYL
Darren

> -----Original Message-----
> From: Eric Moore [mailto:ruztedrute@altavista.com]
> Sent: Thursday, December 27, 2001 4:23 PM
> To: darrydoo@sympatico.ca
> Subject: RE: Taking control of ones machine
>
> I suggest doing a web search on virtual network computing (VNC). This
> particular acronym is also a product offered by AT&T and will explain the
> foundation of X-Windowing. Thanks!
>
>
> On Thu, 20 December 2001, "Darren W. MacDonald" wrote:
>
> >
> > Steven:
> >
> > I was presented with the same Webex situation in September 2000. I
> > requested some information from Webex on how it worked, and got nowhere
> > with them. The tech that I spoke to, Charles, couldn't tell the
> > difference between Netscape and IE, couldn't/wouldn't tell me how it
> > worked or what the security risks were, but he assured me that it was
> > safe. (!) Management decided that my concerns weren't valid.
> >
> > Since then, three different groups at the company I work for use it, for
> > three different applications: Aperture, Manugistics, and Aldon. All
> > groups are using it for software support and web meetings from the
> > vendors, IIRC. It basically allows sharing of applications and the
> > desktop across port 80, similar to Netmeeting -- except it's just a
> > plugin. I really dislike that it uses port 80 -- it basically nullifies
> > firewall rules (unless you block IP addresses to webex.com and any other
> > Webex servers entirely, I suppose). The three companies I have
> > experience with all use the webex.com domain.
> >
> > In all the sessions I saw, users had to grant permission for the
> > requesting party to take control, and sessions can be interactive or
> > look only; however, I don't know if this is always the case. My comfort
> > level isn't all that high, as it's a black box that I don't know enough
> > about and can't get any information about.
> >
> > HTH
> > Darren
> >
> >
> > > -----Original Message-----
> > > From: Steven Bonici [mailto:sbonici@groupea.com]
> > > Sent: Thursday, December 20, 2001 3:25 PM
> > > To: 'focus-ms@securityfocus.com'
> > > Subject: Taking control of ones machine
> > >
> > >
> > >
> > > You have to forgive me with the following questions, as I am not sure if
> > > this is the right group.
> > >
> > > We have been asked by one of our software vendors to allow them to use WebEx
> > > to take control of one of our servers. They explained to me that all I need
> > > to do is to install a "plug-in" and they can take control of the server
> > > through a web browser. We staged a test with a test server, and they came
> > > right in and took control. Isn't it way too easy?
> > >
> > > I haven't contacted them yet, I thought I would ask here first. Is there
> > > any documentation or white papers into how this actually works and what can
> > > be done to protect the machine? Does anyone have any insight into WebEx? I
> > > am really curious as to how easy this is. I know once you go to the WebEx
> > > web site you need to agree and "allow" someone to actually connect, but it
> > > just seems way too easy.
> > >
> > > I know that websites can grab information from your browser, but again I
> > > would love to know "how" and all this seems to be connected in some way. I
> > > downloaded a copy of "pcaudit.exe" (by Internet Security Alliance), and that
> > > just goes to prove how vulnerable one is.
> > >
> > > Any information would be greatly appreciated.
> > > Thanks - Steven