[Dshield] Outbound GoToMyPC

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Jun 28 18:15:07 GMT 2007


On Wed, 27 Jun 2007 23:25:35 PDT, Steven Brower said:
> What about outbound GoToMyPC?  That is, what is the security risk to a
> networked work environment which allows exclusively *outbound* access to
> GoToMyPC?  

OK. So we have a PC out there in the Internet wilderness. It's unknown whether
it's properly run, whether it's infested with malware looking for a way out,
and whether you'd want it inside your security perimeter.  But it's *more*
likely that said box is a security timebomb than your average website (Vint
Cerf estimated 140 million of them, and nobody blinked when he said it).

And you want to allow your users to connect to said box?

To quote Randy Bush: "I encourage my competitors to design their networks
that way". :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/list/attachments/20070628/e3874f5d/attachment.bin 


More information about the list mailing list