Security Basics mailing list archives
Re: FW: Question about GoToMyPc services
From: Sagiko <sagiko () gmail com>
Date: Sat, 13 Aug 2005 12:59:18 +0800
hi, Just some extra information about GoToMyPc from some experience in my place. Actually the port 8200 is not necessory for using the GoToMyPc although it would optimized the performance according to their engineers. If your block this port, the GoToMyPc will automatically tunnel the traffic through port 443 (SSL). So as long as your firewall allow outbound 443 (SSL) connections to anywhere (most companies will allow this as long as they allow the user to access the web) , GoToMyPc will be working. Also depends on your region, the GoToMyPc service will go to a particular Citrix's server. And you can get this list from the support. regards, Rick Zhong Liming ==================================================== Welcome to SINgapore <IN>FOSECurity Interest Group at: www.sinfosec.org On 8/11/05, Ms. Judith Taylor <jtaylor () acvna org> wrote:
First, I want to thank everyone for their help in pointing me to the needed information. I have now resolved the situation and my concerns have been laid to rest (as much as it can with anyone having remote access to one of my machines). ;) I realize now that I should have looked on Citrix's site for the information, not GoToMyPc.com. Second. Ju Ne, my company also deals with HIPAA issues, as does the vendor who requested/requires GoToMyPc. From what I can tell from reading their white papers, they do not store any information that passes through their service. They are simply the means for remote connection. Their white paper on Security states that all information that passes between the two computers is encrypted at all points of the transmission. From that, I believe they avoid any possible problems with HIPAA compliancy. Hope that helps Ju Ne. Judith Ju Ne wrote:Judith, Thank you for bring up GoToMyPc services. We have several users utilizing that service in my organization and I haven't had time to do the necessary testing. I would like to add another question to the discussion. My company works with health information which is protected by HIPAA. Do you know if they store the information that passes through their network? If they do then it would be a HIPAA violation. ddjjembe-- Ms. Judith Taylor Director - Information Systems Appalachian Community Visiting Nurse Assoc., Hospice and Health Services, Inc. 740.594.8226 http://www.acvna.org
Current thread:
- Question about GoToMyPc services Ms. Judith Taylor (Aug 10)
- Re: Question about GoToMyPc services JM (Aug 12)
- <Possible follow-ups>
- FW: Question about GoToMyPc services Ju Ne (Aug 12)
- Re: FW: Question about GoToMyPc services Ms. Judith Taylor (Aug 12)
- Re: FW: Question about GoToMyPc services Sagiko (Aug 15)
- Re: FW: Question about GoToMyPc services Ms. Judith Taylor (Aug 12)