Jonathan G. Lampe
jonathan at stdnet.com
Mon May 13 17:14:20 GMT 2002
At the risk of getting flamed...
About the only thing GoToMyPC would seem guilty of is masking their traffic
as web traffic (maybe), and they aren't the only ones out there doing
that. (Yahoo messenger, anyone?) They are however providing a simple,
blockable hostname for you to block if you want to ban the service.
Your "appropriate use" policies SHOULD already cover this kind of stuff,
because GoToMyPC DOES require the installation of client software.
If there's something IT people should be screaming about, it's that it this
software provides users access to their network resources as if they were
really sitting at their desks...in effect canceling out any physical
security measures they have in place. However, I've also seen people
running VPNs or SSH tunnels straight into their backbones without firewall
or even VPN access rule intervention...in effect hooking someone's home PC
straight into the backbone. I'm not sure which is worse. From a hacker's
point of view, my first goal in both cases is still to get control of the
home PC...and from there all roads lead to Rome.
- Jonathan Lampe
- jonathan at stdnet.com
P.S. Personally, I think the "let's just tunnel it" mentality of VPNs and
SSH is a little dangerous...there's LOTS of good stuff you can put in those
datastreams. There are enough key protocols using SSL now (HTTPS, FTPS,
SMTP over SSL, etc.) to get your work done without having to invest in a
More information about the list