Re: gotomypc
From: Rainer Duffner (rainer@ultra-secure.de)Date: 03/10/02
- Previous message: R. DuFresne: "Re: gotomypc"
- In reply to: kevin mckay: "gotomypc"
- Next in thread: Ken.Williams@ey.com: "Re: gotomypc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Rainer Duffner" <rainer@ultra-secure.de> To: kevin mckay <kevintmckay@yahoo.com> Date: Sun, 10 Mar 2002 14:05:42 GMT
kevin mckay writes:
> Has anybody dealt with the services from https://www.gotomypc.com it
> seems to allow end users to completely circumvent an existing network
> security infrastructure.
I think that is just one of several ones:
http://directory.google.com/Top/Computers/Security/Internet/Privacy/Tools_an
d_Services/
Though not all will do the same.
Most notably, to me, is htthost/httport:
http://www.htthost.com/
> The user signs up with gotomypc and establishes a out bound connection
> through the firewall to a go to my pc server, then there server listens
> for a connection that is connected to your internal network
> and the scariest thing is that the listining ports for inbound
> connections are on a gotomypcserver so how would you even audit?.
Once the tunnel is encrypted, there are not many options left:
- blackhole the relevant IP-adresses -> this becomes futile once users
use htthost on one of their home DSL-lines
- run spyware (SMS etc) on the client-pc and employe an armada of
tech-support people to periodically check every employee-PC for what
the user has running. -> this will probably boost the economy and get you
bonus-points from HR and upper management
- try to lock down the client-configuration to up the ante for the
employees -> helps until someone has found a way to circumvent it, until
then it might even annoy the honest users
- install host-based IDS -> mitigates break-ins that can occur and helps
pin-down the individual in case
Finally:
- admit it is a social problem, that cannot be totally dealt with
technology only.
cheers,
Rainer
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rainer Duffner Munich rainer@ultra-secure.de Germany http://www.i-duffner.de Freising ======================================== When shall we three meet again In thunder, lightning, or in rain? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
- Previous message: R. DuFresne: "Re: gotomypc"
- In reply to: kevin mckay: "gotomypc"
- Next in thread: Ken.Williams@ey.com: "Re: gotomypc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
