Firewall Wizards mailing list archives
Re: pcanywhere
From: "Garrahan, Kelvin" <Kelvin.Garrahan () compaq com>
Date: Tue, 19 Oct 1999 14:22:58 +0100
Hi, Using PC anywhere is a risk, as is any other remote management software, what needs to be decide how much of a risk it is and how to minimise the threat. What is required is that you control the level of access, provide for strong authentication (OTP's or Certificates). If connecting across a public medium like the Internet use encryption to protect the traffic from being sniffed. One other thing that is mentioned is that the location from which a VPN is being initialised, must be secure. This means that not only does the PC (terminal) initialising the tunnel be subject to physical access security but also be protected from other unauthenticated users piggy backing traffic on the VPN. For example: A Remote manager is connected via an ISP to the Internet and establishes a VPN Tunnel to his Corporate network to remote manage Servers etc. A cracker is scanning the ISP randomly trying to connect to dialup clients, or has installed a sniffer upstream of the remote user. Either way the cracker becomes aware of a VPN tunnel emanating from a dialup client to the ISP. The cracker could then attack the Remote managers PC, enabling IP forwarding for instance, and route packets down the VPN tunnel to the Corporate network. This is similar to BO2K Trojan being leveraged to piggy back on the VPN. A solution to this problem is to have a Firewall protecting the Remote Client, as well as appropriate Virus software to detect the latest Trojans. Checkpoint are about to ship a personal Firewall which is designed with this weakness in mind, which would secure a remote user who periodically accesses directly to a public untrusted network. regards Kelvin. Kelvin Garrahan Security Consultant Compaq Professional Services
Current thread:
- pcanywhere Deepak Vaidya (Oct 12)
- Re: pcanywhere Jeff Sedayao (Oct 12)
- Re: pcanywhere Joseph S D Yao (Oct 13)
- Re: pcanywhere Joe Ippolito (Oct 16)
- Re: pcanywhere Andrzej Blaszczyk (Oct 13)
- Re: pcanywhere Ceirst N. Kaelton (Oct 16)
- <Possible follow-ups>
- RE: pcanywhere Desai, Ashish (Oct 13)
- RE: pcanywhere Henry Sieff (Oct 13)
- Re: pcanywhere Garrahan, Kelvin (Oct 19)
- RE: pcanywhere FERNANDO_MONTENEGRO (Oct 20)
- Re: pcanywhere dwelch (Oct 23)