That's interesting. I'm a bit biased against PCAnywhere in general (why not
just use BO, which is free [1] ;), so I probably haven't been keeping up as
much as I should.
What do you mean by "can use Public Key Cryptography"? My main concerns are
protecting the endpoint against attacks from the Internet in general, not in
the data being compromised en route. Of course sniffing is a concern, but
probably less likley than a password guessing or other attack against the
computer running PCAnywhere itself.
So, does the new version use the remote controller's pre-shared public key
to decrypt a challenge (which complicates _some_ of the potential attacks)or
does it just use some sort of crypto on the flow once the session is going?
Bear in mind that this still leaves you all the other attacks on the actual
machine that's running PCAnywhere (OS dependant, but buffer overflow, wierd
spooky fragmentation etc etc).
As to the original question...
I tend to (not use PCAnywhere, but if I did I would) recommend at least a
level of network layer security for this sort of thing. This is not only to
encrypt the data as it passes back and forth. In my opinion, the big win is
that the network layer security is handled by a different (and much more
controllable / secureable, hopefully) box to the one that is the target of
the attack (oh, sorry, I mean service).
If you're looking at something like IPSec then your real question becomes
"how secure is IPSec" because PCAnywhere essentially compromises the entire
system (by design).
Cheers,
--
Ben Nagy
Network Consultant, CPM&S Group of Companies
Direct: +61 8 8422 8319 Mobile: +61 414 411 520
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, July 22, 1999 3:05 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re:Secure PCAnywhere
>
>
> PC Anywhere v 9 can use Public Key Cryptography.
>
> isn't this sufficient, or isn't this what you meant ?
>
> GG
>
> ____________________Reply Separator____________________
> Subject: Secure PCAnywhere
> Author: MIME:[EMAIL PROTECTED]
> Date: 7/21/99 3:59 PM
>
> Has anyone found a secure way to implement PCAnywhere or
> TCP/IP (over the
> net) ??
> Some ideas mentioned were VPN & IPSec and Circuit Gateway
> ideas anyone??
>
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
> *****************************************************
> Please note that any opinions expressed by
> the author of this email document are not
> necessarily those of BOCM PAULS Ltd.
>
> BOCM PAULS Home Page: http://www.bocmpauls.co.uk
> *****************************************************
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
