[Dshield] gotomypc.com

Jonathan G. Lampe jonathan at stdnet.com
Mon May 13 17:14:20 GMT 2002


At the risk of getting flamed...

About the only thing GoToMyPC would seem guilty of is masking their traffic 
as web traffic (maybe), and they aren't the only ones out there doing 
that.  (Yahoo messenger, anyone?)  They are however providing a simple, 
blockable hostname for you to block if you want to ban the service.

Your "appropriate use" policies SHOULD already cover this kind of stuff, 
because GoToMyPC DOES require the installation of client software.

If there's something IT people should be screaming about, it's that it this 
software provides users access to their network resources as if they were 
really sitting at their desks...in effect canceling out any physical 
security measures they have in place.  However, I've also seen people 
running VPNs or SSH tunnels straight into their backbones without firewall 
or even VPN access rule intervention...in effect hooking someone's home PC 
straight into the backbone.  I'm not sure which is worse.  From a hacker's 
point of view, my first goal in both cases is still to get control of the 
home PC...and from there all roads lead to Rome.

- Jonathan Lampe
- jonathan at stdnet.com

P.S. Personally, I think the "let's just tunnel it" mentality of VPNs and 
SSH is a little dangerous...there's LOTS of good stuff you can put in those 
datastreams.  There are enough key protocols using SSL now (HTTPS, FTPS, 
SMTP over SSL, etc.) to get your work done without having to invest in a 
tunnel architecture.




More information about the list mailing list