Re: gotomypc

From: R. DuFresne (dufresne@sysinfo.com)
Date: 03/09/02


Date: Sat, 9 Mar 2002 16:24:11 -0500 (EST)
From: "R. DuFresne" <dufresne@sysinfo.com>
To: kevin mckay <kevintmckay@yahoo.com>


You audit on two fronts: look at the systems for the controlling
application<s> required to use it, and look for connections to their
server<s>:

Non-authoritative answer:
Name: www.gotomypc.com
Address: 63.251.224.169

Non-authoritative answer:
Name: gotomypc.com
Address: 63.251.224.169

And if one wants to be a tad more careful in what they block perhaps a
whole class C:

[jengate.thur.de]
Process query: '63.251.224.169'
Query recognized as IP.
Querying whois.arin.net:43 with whois.

InterNAP Network Services (NETBLK-NETBLK-PNAP-11-99) NETBLK-PNAP-11-99   63.251.0.0 - 63.251.255.255
Expertcity.com (NETBLK-PNAP-SFJ-EXPERT-RM-01) PNAP-SFJ-EXPERT-RM-01       63.251.224.0 - 63.251.224.255

Admittedly I have not investigated any more than a mild look to determine
if all their server<s> are contained within this netblock. But, this is
not unmanageable. And certainly should be covered in the security policy
and the corporate AUP.

Thanks,

Ron DuFresne

On Fri, 8 Mar 2002, kevin mckay wrote:

> Has anybody dealt with the services from https://www.gotomypc.com? It
> seems to allow end users to completely circumvent an existing network
> security infrastructure.
>
> The user signs up with gotomypc and establishes an outbound connection
> through the firewall to a go to my pc server, then their server listens
> for a connection that is connected to your internal network,
> and the scariest thing is that the listening ports for inbound
> connections are on a gotomypc server, so how would you even audit?
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart

testing, only testing, and damn good at it too!
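As an added example that is not part of the original thread: a small Python script applying Ron's second audit front, scanning firewall log lines for outbound connections whose destination falls in the Expertcity /24 from the whois output above, and listing the internal hosts that then deserve a look for the controlling application. The log lines are constructed for the example; the netblocks are the ones quoted in the message.

```python
import ipaddress
import re
from typing import List, Tuple

# Netblocks from the whois output quoted in the message: the Expertcity /24 is
# the "careful" block; the enclosing InterNAP /16 would block far more than
# GoToMyPC and is only shown for comparison.
GOTOMYPC_NET = ipaddress.ip_network("63.251.224.0/24")
INTERNAP_NET = ipaddress.ip_network("63.251.0.0/16")

# Constructed sample lines in a generic "SRC=... DST=... DPT=..." firewall log
# style. These are not real captures; ports and hosts are made up.
SAMPLE_LOG = """\
Mar  9 16:01:02 fw kernel: ACCEPT IN=eth1 OUT=eth0 SRC=10.1.2.33 DST=63.251.224.169 PROTO=TCP DPT=443
Mar  9 16:01:05 fw kernel: ACCEPT IN=eth1 OUT=eth0 SRC=10.1.2.40 DST=198.51.100.7 PROTO=TCP DPT=80
Mar  9 16:02:10 fw kernel: ACCEPT IN=eth1 OUT=eth0 SRC=10.1.2.33 DST=63.251.224.10 PROTO=TCP DPT=443
Mar  9 16:03:00 fw kernel: ACCEPT IN=eth1 OUT=eth0 SRC=10.1.2.51 DST=63.251.10.5 PROTO=TCP DPT=443
"""

LINE_RE = re.compile(r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*DPT=(?P<dpt>\d+)")


def flag_connections(log_text: str,
                     net: ipaddress.IPv4Network = GOTOMYPC_NET) -> List[Tuple[str, str, int]]:
    """Return (src, dst, dport) for each line whose destination lies inside `net`."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a connection record we understand
        if ipaddress.ip_address(m["dst"]) in net:
            hits.append((m["src"], m["dst"], int(m["dpt"])))
    return hits


def internal_hosts(hits: List[Tuple[str, str, int]]) -> List[str]:
    """Distinct internal sources: the machines to inspect for the client application."""
    return sorted({src for src, _, _ in hits})


if __name__ == "__main__":
    hits = flag_connections(SAMPLE_LOG)
    for src, dst, dpt in hits:
        print(f"{src} -> {dst}:{dpt}")
    print("hosts to inspect:", internal_hosts(hits))
```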
