Re: [squid-users] Something i found hard. from Henrik Nordstrom on 2003-01-03 (squid-users)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 04 Jan 2003 01:16:26 +0100

was just reading the GoToMyPC overview, and a claim they make made me
laught real bad

     Today, some workers use products like pcAnywhere to
     get around LAN security by dialing directly into office
     PCs. GoToMyPC eliminates this temptation by using the
     Internet, securely.

     With GoToMyPC, there is no need to punch holes through
     corporate firewalls. All connections are initiated by
     the client and server, using outgoing TCP ports
     frequently left open: 80, 443, and/or 8200.

Yea, sure.. so what is it exacly GoToMyPC does if not punching huge
holes right thru the firewall by abusing the smaller holes left open to
allow employees to reach the Internet?

marketing people... or perhaps worse. who knows what control GoToMyPC
has of the controlled PC stations.. all are connected at all times to
their servers..

Regards
Henrik

Henrik Nordstrom wrote:
>
> You need to find a way to block the broker service they use to connect
> the client and server, ie. the login function where the user logs in to
> the service to gain access to "his" computer.
>
> The service consists of three components
>
> a) remote computer with a small "server" component
>
> b) client computer with a client
>
> c) A broker service on the Internet, to which the client connects in
> order to gain access to the remote computers.
>
> This kind of "hosted" commercial firewall-busting services is usually
> quite easily to block as they tend to rely on central broker components
> keeping track of everything, and if you block the broker they are out of
> business (for your users).
>
> The non-commercial tools is a fair bit harder as there is no central
> broker component which can easily be identified, but is also for the
> same reason a bit harder for users to use..
>
> Regards
> Henrik
>
> Edward Mann wrote:
> >
> > it has been brought to my attention that some users on my network are
> > using a tool that you can get at gotomypc.com. I have tried to block the
> > port that it starts on 8200, but it then will change to port 443 and
> > continue to work. Can someone help me figure out how to stop this. i
> > have also tried the ip address, but it seems to change that as well.
> >
> > Thanks.
Received on Fri Jan 03 2003 - 17:17:26 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:27 MST