Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] PC Anywhere protocol
From: Security Related <b_c_w_g () HOTMAIL COM>
Date: Thu, 7 Sep 2000 14:50:34 CDT

ACtually those ports are only for the most current version....and the most
current version will also use the older port numbers for backwards
compatability, if it doesn't get the right answer on those ports...the
symantec site has a very good help docs if you include ports in your search
criteria....I would just put the URL on here but my internet access is toast
right now...

The latest ones will let you use NONE, PCANYWHERE, SYMMETRIC, and PUBLIC-KEY
encryption...I have heard the PCAW encryption is weak, and of course NONE,
is never a good idea...but I'm not a crypto guy...depending on what you need
it for you could always NOT leave it [the host] running all the time...you
need ADMIN access to an NT box to start the (any) PCAW service and could
just start the service when you need it, or schedule it if it is for regular
stuff...

all that done, you can specify NT domain account access to a session...in
the end, PCAW is like any other usefull tool, it can be great or severely
trash you security on a box, depending on how it's used...

email me if you have specific questions...I'm no GURU, but have used the
latest PCAW (V8 & 9) a pretty fair bit...

Egoslayer1
**************************

From: "Meritt, Jim" <Jim.Meritt () WANG COM>
Reply-To: Penetration Testers <PEN-TEST () SECURITYFOCUS COM>
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] PC Anywhere protocol
Date: Wed, 6 Sep 2000 14:47:59 -0400

Please note that installing a NEWER version of PC Anywhere does not remove
an older one.  The ports are different, but the ones for the previous
version may well remain open in spite of that version not being actively
used.

Also note that the encryption scheme, and the defaults, are different in
the
varying versions.

Opinion:  I hate PC Anywhere.


_______________________
The opinions expressed above are my own.  The facts simply are and belong
to
none.
James W. Meritt, CISSP, CISA
Senior Information Systems Security and Audit Analyst, Information
Assurance
Center of Excellence
Wang Government Services, Inc.

-----Original Message-----
From: Constable, Bryan [mailto:constablebk () MSX UPMC EDU]
Sent: Wednesday, September 06, 2000 1:57 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: PC Anywhere protocol



It looks like the ports are udp-5630, tcp-5631,udp-5632, and udp ssh-22.  I
don't know if this helps

-----Original Message-----
From: Oliver Friedrichs [ mailto:ofriedrichs () SECURITYFOCUS COM
<mailto:ofriedrichs () SECURITYFOCUS COM> ]
Sent: Wednesday, September 06, 2000 12:44 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] PC Anywhere protocol


Does anyone know of any specifications that document the PC Anywhere
protocol.  I'm primarily interested in the initial authentication portions
of it.

- Oliver


_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at
http://profiles.msn.com.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]