[Dshield] gotomypc.com

vincent malguy malguy_v at epita.fr
Wed May 15 09:53:56 GMT 2002


Backchannel application are not a fresh probleme. you can backchannel
almost any command line application with netcat and this tools is like 10
years old so ...

I do not even talk about SSH tunneling or Crytocat.

You just have to start thinking as your "Safety zone" (aka behind the
firewall) as a zone that can be comprise by any software (viruses) that
could containt a backchannel.

Dont blindy trust zillionaire firewall company : Firewall are only a part
of your security network design.

Start to use a proxy and it will wipe out any other protocols than pure
HTTP.

This could also be bypassed but this is as far "the best effort" that can
be done in a large company

VinZ

On Mon, 13 May 2002, Tony Carothers wrote:

> >From the gotomypc.com site..
>
>
> [snip]
>
> https://www.gotomypc.com/ourTechnology.tmpl?SessionInfo=12126467/2EFE226F95B
> A7E1/null
>
> Firewall Friendly
> Because the GoToMyPC software on the remote computer initiates an outgoing
> connection, the technology works with your existing firewall and does not
> require special configuration. Nor does it compromise the integrity of your
> firewall.
>
> [snip]
>
> Not on my network.  No way.  If, by initiating a connection from the inside,
> this doesn't compromise firewall integrity, I'd be curious as to WHAT DOES.
> It does not say WHEN it is initiated.  They are very vague as to exactly how
> there technology works.
>
>
> Tony Carothers
> Network/Systems Administrator
> tcarothers at lifestreamtech.com
>
>
>
>
> -----Original Message-----
> From: Kuske, Barry [mailto:BKuske at fugrochance.com]
> Sent: Monday, May 13, 2002 7:35 AM
> To: 'list at dshield.org'
> Subject: [Dshield] gotomypc.com
>
>
> I was just wondering if anyone was aware of this product/service
> (www.gotomypc.com).  Apparently it will allow remote PC access from the
> internet and doesn't require any kind of FIREWALL reconfiguration.  To me as
> a firewall administrator and network administrator this is a huge security
> problem.  This would allow anyone on your network without prior permission
> to setup their PC so that it can be REMOTE CONTROLLED from the internet.
> The only thing that prevented this from happening was SuperScout blocked the
> site as a remote proxy.
>
> Any feedback would greatly be appreciated.
>
> Thanks,
>
> Barry Kuske, CCNA, MCSE
> Staff Techinical Support Analyst
> Fugro Chance Inc.
> 200 Dulles Drive
> Lafayette, LA  70506
>
>
> [[ Attachement of type text/html deleted]]
>
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list
>
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
>
>




More information about the list mailing list