Penetration Testing mailing list archives

Re: gotomypc
From: "Rainer Duffner" <rainer () ultra-secure de>
Date: Sun, 10 Mar 2002 14:05:42 GMT

kevin mckay writes:
> Has anybody dealt with the services from https://www.gotomypc.com? It
> seems to allow end users to completely circumvent an existing network
> security infrastructure.

I think that is just one of several ones:
http://directory.google.com/Top/Computers/Security/Internet/Privacy/Tools_and_Services/
Though not all will do the same.
Most notably, to me, is htthost/httport:

> The user signs up with gotomypc and establishes an outbound connection
> through the firewall to a gotomypc server, then their server listens
> for a connection that is connected to your internal network
> and the scariest thing is that the listening ports for inbound
> connections are on a gotomypc server so how would you even audit?

Once the tunnel is encrypted, there are not many options left:
- blackhole the relevant IP addresses -> this becomes futile once users
 use htthost on one of their home DSL lines
- run spyware (SMS etc) on the client PC and employ an armada of
 tech-support people to periodically check every employee PC for what
 the user has running. -> this will probably boost the economy and get you
 bonus points from HR and upper management
- try to lock down the client configuration to up the ante for the
 employees -> helps until someone has found a way to circumvent it, until
 then it might even annoy the honest users
- install host-based IDS -> mitigates break-ins that can occur and helps
 pin down the individual in case
- admit it is a social problem that cannot be totally dealt with by
 technology only.

Rainer Duffner                   Munich
rainer () ultra-secure de          Germany
http://www.i-duffner.de        Freising
   When shall we three meet again
 In thunder, lightning, or in rain?
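
Added example, not part of the original message: one way to approach the audit question above from the egress side is to flag client/destination pairs by connection behaviour rather than by destination address, which keeps working when the relay sits on a home DSL line. The proxy-log layout, host names, addresses and thresholds are constructed assumptions for this sketch.

```python
"""Flag internal clients holding persistent outbound tunnels (added example)."""
from collections import defaultdict

# Constructed proxy-log sample; the field layout is an assumption for this example:
# epoch_seconds client_ip method dest_host:port duration_s bytes_out bytes_in
SAMPLE_LOG = """\
1015768800 10.0.4.17 CONNECT relay.example.net:443 14400 1200000 52000000
1015768805 10.0.4.22 CONNECT shop.example.com:443 35 4000 180000
1015783300 10.0.4.17 CONNECT relay.example.net:443 12600 900000 41000000
1015768900 10.0.4.22 CONNECT mail.example.org:443 120 9000 60000
1015769000 10.0.4.31 CONNECT dsl-host.example.org:80 21600 300000 9000000
# malformed line below is skipped
1015769100 10.0.4.40 CONNECT broken
"""

def parse(log_text):
    """Yield (client, dest, duration_s, bytes_out, bytes_in) for well-formed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) != 7:
            continue
        _ts, client, _method, dest, dur, out_b, in_b = parts
        try:
            yield client, dest, int(dur), int(out_b), int(in_b)
        except ValueError:
            continue  # non-numeric counters: treat as malformed

def find_persistent_tunnels(log_text, min_total_s=4 * 3600, min_single_s=3600):
    """Return {(client, dest): stats} for pairs that look like a standing tunnel.

    A pair is flagged when its sessions add up to at least min_total_s and at
    least one session lasted min_single_s; the destination address is not used.
    """
    stats = defaultdict(lambda: {"total_s": 0, "longest_s": 0, "sessions": 0, "bytes": 0})
    for client, dest, dur, out_b, in_b in parse(log_text):
        s = stats[(client, dest)]
        s["total_s"] += dur
        s["longest_s"] = max(s["longest_s"], dur)
        s["sessions"] += 1
        s["bytes"] += out_b + in_b
    return {k: v for k, v in stats.items()
            if v["total_s"] >= min_total_s and v["longest_s"] >= min_single_s}

if __name__ == "__main__":
    for (client, dest), s in sorted(find_persistent_tunnels(SAMPLE_LOG).items()):
        print(f"{client} -> {dest}: {s['sessions']} sessions, "
              f"{s['total_s'] / 3600:.1f} h connected, {s['bytes']} bytes")
```

The thresholds need tuning against normal traffic at the site, since long-lived sessions to legitimate services will also match.
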
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
