Home page logo
/

basics logo Security Basics mailing list archives

Re: Blocking GoToMyPC
From: "Philip Duldig" <maninwhite () tpg com au>
Date: Fri, 31 Oct 2003 15:55:42 +1030

What is the easiest way to block GoToMyPC?  I do not want employees either
working on their home machines from work, or opening up the network by
bypassing the firewall.
I think from reading GoToMyPC's website the remote machine must login into
one of the servers, then the client connect to the GoToMyPC server and the
server relays commands to the remote machine.  Also I think I read that
GoToMyPC uses HTTP and other protocols that normally the firewall allows
through.

One idea that we had was to put a phony DNS entry into our DNS server for
the GoToMyPC domain, to send that traffic to a non-existent IP on our
network.  Would this work?  What would be the major problems with it?

What about disallowing access to any ip that on a reverse DNS lookup falls
into the GoToMyPC domain?

Thanks for your time,
Brandon


Hey,
You may be interested in setting up a proxy that has URL
detection/redirection and or phrase checking -- there is a nice _free_ proxy
that works in conjunction with squid (http://www.squid-cache.org/) called
DansGuardian ( http://dansguardian.org/ ) (binaries for
linux/solaris/freebsd) that will redirect (ie block) page requests based on
the url (ie all sites such as blahblah.gotomypc.com) but it can also block
pages containing predefined phrases (such as "welcome to gotomypc.com", etc)

(ie it parses the HTML it grabs and checks to see if it can serve it to the
client)

I recently set this up at work (A primary school ages 5 to 12) to protect
the users (mostly children) from nastiness online and might be useful if the
users are going to things that could break their workstations (dialers,
popups, ads arggg!!)

Might be what your after, might not be
worth a look never the less

Philip Duldig



---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Re: Blocking GoToMyPC Leif Ericksen (Nov 03)
    • <Possible follow-ups>
    • Re: Blocking GoToMyPC Philip Duldig (Nov 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]