Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: gotomypc
From: "Rainer Duffner" <rainer () ultra-secure de>
Date: Sun, 10 Mar 2002 14:05:42 GMT

kevin mckay writes:
Has anybody dealt with the services from https://www.gotomypc.com it
seems to allow end users to completely circumvent an existing network
security infrastructure.

I think that is just one of several ones:
http://directory.google.com/Top/Computers/Security/Internet/Privacy/Tools_an d_Services/
Though not all will do the same.
Most notably, to me, is htthost/httport:
http://www.htthost.com/

The user signs up with gotomypc and establishes a out bound connection
through the firewall to a go to my pc server, then there server listens
for a connection that is connected to your internal network
and the scariest thing is that the listining ports for inbound
connections are on a gotomypcserver so how would you even audit?.

Once the tunnel is encrypted, there are not many options left:
- blackhole the relevant IP-adresses -> this becomes futile once users
 use htthost on one of their home DSL-lines
- run spyware (SMS etc) on the client-pc and employe an armada of
 tech-support people to periodically check every employee-PC for what
 the user has running. -> this will probably boost the economy and get you
 bonus-points from HR and upper management
- try to lock down the client-configuration to up the ante for the
 employees -> helps until someone has found a way to circumvent it, until
 then it might even annoy the honest users
- install host-based IDS -> mitigates break-ins that can occur and helps
pin-down the individual in case
Finally:
- admit it is a social problem, that cannot be totally dealt with
technology only.


cheers,
Rainer
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner                   Munich
rainer () ultra-secure de          Germany
http://www.i-duffner.de        Freising
========================================
   When shall we three meet again
 In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]