Home page logo
/

basics logo Security Basics mailing list archives

RE: remote control program
From: "Serge Vondandamo" <serge.vondandamo () orange fr>
Date: Sat, 31 May 2008 09:27:58 +0200

Sergio and the community,

My apology if I mislead anyone. I did a wrong analysis as I did place
Sergio's situation in a totally different context. 

The LogMeIn is a legit service and I will recommend it among other tools.
I was not referring to the tool itself but the context in which it was used
as I will explain later.

He wrote:

"Hi all, I need to know if anyone knows how this program "LogMeIn." It safe?
It is a Troyan Horse? is part of a group of machines Zombie? The Url of this
program is: https://secure.logmein.com/loggedout.asp

Thank."

In my thoughts, he was surprised to discover the tool being used in his
system (I don’t know why) and sounds like he was under attack.

Probably my mind perceived a state of panic, an attack in progress situation
when scanning these words: " Troyan Horse? Is part of a group of machines
Zombie?".

Let's follow my thoughts a little bit; we are in the situation of someone
who is asking himself about the presence of LogMeIn in his system and
seeking help from the community to know about it and how to deal with it.

In that situation may be my words could have made sense.
And what led me to call it a Trojan in that situation? I will try to
explain, please correct me if I am wrong -:

Let's quote the free encyclopedia: Trojan Horse (disambiguation).

"The Trojan Horse, from Greek mythology, was a giant hollow horse containing
Greek soldiers, used to overtake the city of Troy during the Trojan War.

It has since become a metaphor for any person or thing that appears innocent
or benign, but actually presents danger or harmful intent."

And my mind asked why should I restrict the term only to applications? It
can be extended to situations and intentions.

Following my free mind, I wasn't ashamed to refer to that particular
situation and its context as a "Trojan", because the LogMeIn shouldn't have
been used in the system and everyone knows that it can allow remote control
of that system.

I did recommend corrective controls since I could sense violation of
policies (change control, authorized application, etc) or lack of security
mechanisms in the system.

I am just happy that wasn't the situation of Sergio and I wish him a good
research and information gathering on remote control tools.

Et voila,

Thanks for keeping the security knowledge alive.
Serge Vondandamo, CISSP, CCNA, MCP






-----Message d'origine-----
De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De
la part de sgp () unsl edu ar
Envoyé : vendredi 30 mai 2008 22:10
À : security-basics () lists securityfocus com
Objet : Re: remote control program

Thank you all for the answers, I need to implement remote administration
several branches of my clients and was evaluating the tool (Logmein) to
implement, at first I thought was spectacular, by not having to configure
anything on the routers to allow access from the internet.
But I am very concerned about whether the tool is reliable, in other words
if the company owns the tool is.
Regards.

Sergio Properzi.
San Luis Argentina.






  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault