In any siuation where firewalls prevent people from getting useful work
done, people will look for ways around them.
good, bad or ambivalent that's life. basically it underscores the need for
decent host security since you can't trust your firewall for jack if you
have enough users.
joelja
On Sat, 4 Jan 2003, Henrik Nordstrom wrote:
> was just reading the GoToMyPC overview, and a claim they make made me
> laught real bad
>
> Today, some workers use products like pcAnywhere to
> get around LAN security by dialing directly into office
> PCs. GoToMyPC eliminates this temptation by using the
> Internet, securely.
>
> With GoToMyPC, there is no need to punch holes through
> corporate firewalls. All connections are initiated by
> the client and server, using outgoing TCP ports
> frequently left open: 80, 443, and/or 8200.
>
> Yea, sure.. so what is it exacly GoToMyPC does if not punching huge
> holes right thru the firewall by abusing the smaller holes left open to
> allow employees to reach the Internet?
>
> marketing people... or perhaps worse. who knows what control GoToMyPC
> has of the controlled PC stations.. all are connected at all times to
> their servers..
>
> Regards
> Henrik
>
>
> Henrik Nordstrom wrote:
> >
> > You need to find a way to block the broker service they use to connect
> > the client and server, ie. the login function where the user logs in to
> > the service to gain access to "his" computer.
> >
> > The service consists of three components
> >
> > a) remote computer with a small "server" component
> >
> > b) client computer with a client
> >
> > c) A broker service on the Internet, to which the client connects in
> > order to gain access to the remote computers.
> >
> > This kind of "hosted" commercial firewall-busting services is usually
> > quite easily to block as they tend to rely on central broker components
> > keeping track of everything, and if you block the broker they are out of
> > business (for your users).
> >
> > The non-commercial tools is a fair bit harder as there is no central
> > broker component which can easily be identified, but is also for the
> > same reason a bit harder for users to use..
> >
> > Regards
> > Henrik
> >
> > Edward Mann wrote:
> > >
> > > it has been brought to my attention that some users on my network are
> > > using a tool that you can get at gotomypc.com. I have tried to block the
> > > port that it starts on 8200, but it then will change to port 443 and
> > > continue to work. Can someone help me figure out how to stop this. i
> > > have also tried the ip address, but it seems to change that as well.
> > >
> > > Thanks.
>
-- -------------------------------------------------------------------------- Joel Jaeggli Academic User Services joelja@darkwing.uoregon.edu -- PGP Key Fingerprint: 1DE9 8FCA 51FB 4195 B42A 9C32 A30D 121E -- In Dr. Johnson's famous dictionary patriotism is defined as the last resort of the scoundrel. With all due respect to an enlightened but inferior lexicographer I beg to submit that it is the first. -- Ambrose Bierce, "The Devil's Dictionary"Received on Fri Jan 03 2003 - 22:43:13 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:27 MST