Re: Blocking GoToMyPC

From: Todd (tod_at_megachump.com)
Date: 10/30/03

Next message: Dave Swink (dswink): "RE: Personal Firewall for Business use"

Previous message: Dr Aldo Medina: "X11 Outgoing"
In reply to: Brandon Slice: "Blocking GoToMyPC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 30 Oct 2003 15:51:32 -0500
To: security-basics@securityfocus.com

VPN circumvention barriers:

gotomypc.com

you can prevent company computers from being accessed via GoToMyPC.com
service by using your firewall to block access to the host poll.gotomypc.com.

loudpc.com

you can prevent your company computers from being accessed via the loudpc.com
service by using your firewall to block access to the hosts
device.loudpc.com and my.loudpc.com

On Wed, Oct 29, 2003 at 02:01:28PM -0500, Brandon Slice wrote:
> What is the easiest way to block GoToMyPC? I do not want employees either working on their home machines from work, or opening up the network by bypassing the firewall.
> I think from reading GoToMyPC's website the remote machine must login into one of the servers, then the client connect to the GoToMyPC server and the server relays commands to the remote machine. Also I think I read that GoToMyPC uses HTTP and other protocols that normally the firewall allows through.
>
> One idea that we had was to put a phony DNS entry into our DNS server for the GoToMyPC domain, to send that traffic to a non-existent IP on our network. Would this work? What would be the major problems with it?
>
> What about disallowing access to any ip that on a reverse DNS lookup falls into the GoToMyPC domain?
>
> Thanks for your time,
> Brandon
>

-- 
Todd
tod@megachump.com
---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------

Next message: Dave Swink (dswink): "RE: Personal Firewall for Business use"

Previous message: Dr Aldo Medina: "X11 Outgoing"
In reply to: Brandon Slice: "Blocking GoToMyPC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: hopster bypass that firewall!
... I would say that the best bet would be to block access at the firewwall to ... Subject: hopster bypass that firewall! ... PGP / XML GATEWAY APPLIANCE ...
(Security-Basics)
Re: Home firewall Hits
... >Port 162 with a UDP message. ... than theres nothing blocking access from the internet to your router. ... >Subject: Home firewall Hits ... >simplify the management and deployment of PGP and reduce overall PGP costs ...
(Security-Basics)
Re: Teleworking
... Cisco VPN Client running on local PC ... ADSL router runing VPN passthrough and full firewall ... > simplify the management and deployment of PGP and reduce overall PGP ...
(Security-Basics)
HACKED!
... password and block access to ... >installing program was apparently loadeded on my ... >private information on my machine and dump it daily to ... >wiped completely and then install a firewall, ...
(microsoft.public.windowsxp.security_admin)
RE: Home firewall Hits
... Subject: Home firewall Hits ... >Port 162 with a UDP message. ... >simplify the management and deployment of PGP and reduce overall PGP costs ...
(Security-Basics)