Vulnerability Development mailing list archives

Re: PCAnywhere Info

From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Wed, 6 Sep 2000 08:54:37 +0200

One such product (I'm fairly sure it was PCAnyware, but not 100%) was
discussed priviously in... bugtraq I think, long ago. The product had a
unecrypted or badly encrypted session mode, and a more secure one. Only
the problem was the first mode was easier to use and according to many,
defacto standard among the users.

Personly, I'd question how appropriate it is to use a product which is
very much based upon propriatery protocolls and with unknown amount of
inspection by security expertice.

What I'd like to see is the SSH1 or SSH2 protocoll to be implemented for
the windows enviroment (and other none-unixes). Obviously the code should
be open source and the main coders be experienced windows & security
programmers, otherwise it doesn't really matter what protocoll they use
(if the application itself is insecure)

You might see me release such an application in the year 2032 or something
like that ;-)

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team


On Tue, 5 Sep 2000, Crist Clark wrote:

I am looking for 3rd party, independent reviews of the security of
PCAnywhere. Something more technical than a thumbs-up/thumbs-down
review from PC Magazine or the like. I have found bits and pieces
at SecurityFocus and Symantec's propaganda, but not what I need.

Any 3rd party whitepaper reviews of their security model? Thanks.
--
Crist J. Clark                                Network Security Engineer
crist.clark () globalstar com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmaster () globalstar com

Current thread:

PCAnywhere Info Crist Clark (Sep 05)
- Re: PCAnywhere Info Bluefish (P.Magnusson) (Sep 05)
  - Re: PCAnywhere Info Blue Boar (Sep 06)
- <Possible follow-ups>
- Re: PCAnywhere Info Robert Collins (Sep 06)