Penetration Testing mailing list archives
Re: gotomypc
From: "Rainer Duffner" <rainer () ultra-secure de>
Date: Sun, 10 Mar 2002 14:05:42 GMT
kevin mckay writes:
Has anybody dealt with the services from https://www.gotomypc.com? It seems to allow end users to completely circumvent an existing network security infrastructure.
I think that is just one of several ones: http://directory.google.com/Top/Computers/Security/Internet/Privacy/Tools_and_Services/
Though not all will do the same. Most notably, to me, is htthost/httport: http://www.htthost.com/
The user signs up with gotomypc and establishes an outbound connection through the firewall to a gotomypc server, then their server listens for a connection that is connected to your internal network, and the scariest thing is that the listening ports for inbound connections are on a gotomypc server, so how would you even audit?
Once the tunnel is encrypted, there are not many options left:
- blackhole the relevant IP addresses
  -> this becomes futile once users use htthost on one of their home DSL lines
- run spyware (SMS etc) on the client PC and employ an armada of tech-support people to periodically check every employee PC for what the user has running.
  -> this will probably boost the economy and get you bonus points from HR and upper management
- try to lock down the client configuration to up the ante for the employees
  -> helps until someone has found a way to circumvent it, until then it might even annoy the honest users
- install host-based IDS
  -> mitigates break-ins that can occur and helps pin down the individual in case
Finally:
- admit it is a social problem that cannot be totally dealt with by technology only.
cheers,
Rainer
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner              Munich
rainer () ultra-secure de   Germany
http://www.i-duffner.de     Freising
========================================
When shall we three meet again
In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
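
Added example, not part of the original message: because blocking destination addresses stops working once the relay sits on an arbitrary home DSL line, this sketch audits by behaviour instead, summing CONNECT tunnel time per internal client and destination from proxy logs. The log format, host names, allow-list and threshold are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample lines in a hypothetical proxy log format:
# epoch_seconds client_ip method host:port duration_seconds bytes_transferred
SAMPLE_LOG = """\
1015765200 10.0.0.21 CONNECT bank.example:443 42 18500
1015765260 10.0.0.21 CONNECT relay.example:443 14400 9200000
1015765300 10.0.0.35 CONNECT home-dsl.example:443 600 410000
1015765950 10.0.0.35 CONNECT home-dsl.example:443 600 395000
1015766600 10.0.0.35 CONNECT home-dsl.example:443 600 402000
1015767250 10.0.0.35 CONNECT home-dsl.example:443 600 388000
1015765400 10.0.0.48 GET intranet.example:80 1 5200
1015765500 10.0.0.48 CONNECT mail.example:443 7200 3000000
"""

ALLOWED = {"mail.example:443"}   # assumed: sanctioned long-lived services
MIN_TOTAL_SECONDS = 1800         # assumed threshold: 30 minutes of tunnel time


def parse(line):
    """Split one log line of the assumed format into typed fields."""
    ts, client, method, dest, duration, nbytes = line.split()
    return {"ts": int(ts), "client": client, "method": method,
            "dest": dest, "duration": int(duration), "bytes": int(nbytes)}


def find_tunnel_candidates(log_text, allowed=ALLOWED, min_total=MIN_TOTAL_SECONDS):
    """Return (client, dest, total_seconds, sessions), longest tunnel time first."""
    totals = defaultdict(lambda: [0, 0])  # (client, dest) -> [seconds, sessions]
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse(line)
        # Only encrypted pass-through tunnels to unsanctioned hosts are of interest.
        if rec["method"] != "CONNECT" or rec["dest"] in allowed:
            continue
        entry = totals[(rec["client"], rec["dest"])]
        entry[0] += rec["duration"]
        entry[1] += 1
    hits = [(c, d, secs, n) for (c, d), (secs, n) in totals.items() if secs >= min_total]
    return sorted(hits, key=lambda h: -h[2])


if __name__ == "__main__":
    for client, dest, secs, n in find_tunnel_candidates(SAMPLE_LOG):
        print(f"{client} -> {dest}: {secs}s over {n} CONNECT session(s)")
```

The second constructed client never holds one long session but still accumulates enough tunnel time across repeated short ones to be listed, which a per-connection duration check would miss.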