Re: pcAnywhere...Outbound Only.

From: Chris Berry (compjma@hotmail.com)
Date: 01/28/03

  • Next message: theog: "Re: security scenario" 
    From: "Chris Berry" <compjma@hotmail.com>
To: security-basics@securityfocus.com
Date: Tue, 28 Jan 2003 13:33:23 -0800

    >From: "tony toni" <tony572001@hotmail.com>
    >We have a rule on our firewall that allows all employees to use pcAnywhere
    >to connect to a host OUTSIDE of our network. It is in one
    >direction...that is from inside our network to an outside host and not vise
    >versa. Our firewall administrator, came to me and asks me if I had any
    >security issues with this. He does not want the hassle of maintaining a
    >list of employees that can do this.
    >I do not see any glaring problems doing this....what do you think?

    As long as you are using a VPN this should be ok from a security point of
    view. If you're not using a VPN, try and get them to set both ends to at
    least symmetric encryption, preferably PKI, in the PC Anywhere settings.
    You wouldn't want those login passwords transmitted in the clear would you?

    From a management point of view, just realize that people could use this to
    violate your company policies by taking control of their home computer and
    going to denied websites, playing video games, etc.

    Other than that, should be fine.

    Chris Berry
    compjma@hotmail.com
    Systems Administrator
    JM Associates

    "For Sys Admins paranoia isn't a mental health problem, its a marketable job
    skill."

    _________________________________________________________________
    Tired of spam? Get advanced junk mail protection with MSN 8.
    http://join.msn.com/?page=features/junkmail

    Relevant Pages

    • Re: One computer cant see the other.
      ... I'm not sure I'm doing this right Steve, but on the command prompt at my host ... command prompt on my host machine and my client machine when I ping the host. ... network of two computers. ... The most likely problem is that a firewall (Norton, McAfee, ZoneAlarm, ...
      (microsoft.public.windowsxp.network_web)
    • Re: XP Pro Network Cant ping 192.168.0.1
      ... Proir to that my network work just fine ... >and I was using remote desktop from the host to my tablet. ... I can ping any of the computers on the 192.168.0.x subnet excepting ... >matter if I firewall the local subnet or not, ...
      (microsoft.public.windowsxp.network_web)
    • Re: Firewall Appliances
      ... around me that like Windows and Microsoft products and unfortunatally ... >> I've got a quick question about firewall appliances. ... >> protection for my home network or do I need to have a firewall ... that it is too flawed to be shown open on _any_ host in your ...
      (comp.security.firewalls)
    • Re: Xerox DocuTech problems
      ... It's a corporate-sized copier. ... should be behind a firewall. ... components and the network drop. ... it's still a big risk from the inside employees. ...
      (Bugtraq)
    • Re: pcAnywhere...Outbound Only.
      ... >>is from inside our network to an outside host and not vise versa. ... >>firewall administrator, came to me and asks me if I had any security issues ... He does not want the hassle of maintaining a list of employees ... You can tunnel VNC ...
      (Security-Basics)