Re: pcanywhere

[Robert Graham <robert_david_graham () yahoo com>]

I presume the original question is how to allow outbound PCanywhere.

PCanywhere sets up a connection by first contacting the target machine using
UDP with a random source port and a destination port of 5632. (For backwards
compatibility, if 5632 doesn't work, it will attempt port 22). Once that has
been established, it will then attempt an outbound connection to port 5631 via
TCP.

The problem is therefore how you can allow inbound UDP responses back through
your firewall. With dumb packet filtering firewalls, this can be tough.

If the question is how to allow inbound PCanywhere, the answer is that you
cannot. Many users install PCanywhere on their PCs with no password protection.
Hackers scan the Internet constantly for such machines, and if you are talking
about a firewall behind which reside many users, your entire company will get
hacked.


--- Crispin Cowan <crispin () wirex com> wrote:
> Louis Mattera wrote:
>
> > I am having a problem getting thru my firewall at work using
> > pcanywhere 9.0.
>
> Good.  Your firewall is working :-)
>
> Crispin
> -----
> Crispin Cowan, CTO, WireX Communications, Inc.    http://wirex.com
> Free Hardened Linux Distribution:                 http://immunix.org

=====
Robert Graham  http://www.robertgraham.com/pubs
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com