Re: Blocking GoToMyPC

[Todd <tod () megachump com>]

VPN circumvention barriers:

gotomypc.com

you can prevent company computers from being accessed via GoToMyPC.com
service by using your firewall to block access to the host poll.gotomypc.com. 

loudpc.com

you can prevent your company computers from being accessed via the loudpc.com
service by using your firewall to block access to the hosts 
device.loudpc.com and my.loudpc.com


On Wed, Oct 29, 2003 at 02:01:28PM -0500, Brandon Slice wrote:
> What is the easiest way to block GoToMyPC?  I do not want employees either working on their home machines from work, 
> or opening up the network by bypassing the firewall.  
> I think from reading GoToMyPC's website the remote machine must login into one of the servers, then the client 
> connect to the GoToMyPC server and the server relays commands to the remote machine.  Also I think I read that 
> GoToMyPC uses HTTP and other protocols that normally the firewall allows through.  
>
> One idea that we had was to put a phony DNS entry into our DNS server for the GoToMyPC domain, to send that traffic 
> to a non-existent IP on our network.  Would this work?  What would be the major problems with it?
>
> What about disallowing access to any ip that on a reverse DNS lookup falls into the GoToMyPC domain?
>
> Thanks for your time,
> Brandon 

-- 
Todd
tod () megachump com


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------