----- Original Message -----
Sent: Thursday, August 30, 2001 10:42 PM
Subject: RE: Anybody using GoToMyPC instead of/or with a VPN
We did a fairly in-depth analysis and at that point decided to block them at our FW. Here are our findings:
Abstract:
The GoToMyPC application exposes both our network and data to unnecessary risk. While GoToMyPC may be very useful on a personal-use basis, utilizing its features in a highly visible corporate environment simply exposes you to unnecessary risk.
How it works (In English)
GoToMyPC acts as a gateway between the machine you wish to access, and a remote client. It utilizes 128-bit encryption, which provides a relatively secure connection between the gateway and the user's machines. The application is operated using a web-browser, and has a very similar look and feel to the PCAnywhere application.
How it works (Technically)
The host machine maintains a constant outbound TCP connection to a virtual server (poll.gotomypc.com). Because the TCP connection is outbound and on an unreserved port (above 1024), the service is able to circumnavigate standard firewall configurations. It is merely a shrink-wrapped Trojan. The security risks involved in having a full-time outbound connection such as this are many.
All data sent between the host and remote user must travel via an AES-based VPN. There are far more points of failure, and as far as we have seen there is no guaranteed SLA uptime. The really nasty part is that all of your data has to pass through their servers... whether you are paranoid or not is up to you; but handing the keys over to somebody you don't know should make you skittish.
How to stop it:
Blocking the GoToMyPC application is simple: Block the host poll.gotomypc.com on your firewall. It would take less than 5 minutes to instantiate this rule.
Summary
1.) The glaring fact is that you would be entrusting your data to a third party. You would not have a relationship with this company, and since you can't "look under the hood", you would have to take their word for it in regards to security.
2.) They get hacked, you get hacked.
3.) This is a new company, with no track record. It would be like hiring the kid next door to remodel your house instead of a licensed contractor: It's cheap, but you get what you pay for.
Pros/Cons ..security concerns ?
---------------------------------------------
RWJ
http://www.sunbelt-software.com/ntsysadmin_list_charter.htm
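Alongside the firewall block described in the message above, DNS query logs can show which internal machines are already polling poll.gotomypc.com. The following is an added example, not part of the original e-mail; the log format, the sample lines and the function names are constructed assumptions.

```python
from collections import defaultdict

# Host named in the message above; names beneath it are matched as well.
WATCHED_HOST = "poll.gotomypc.com"

# Constructed sample lines in an assumed "timestamp client qtype qname" format.
SAMPLE_LOG = """\
2001-08-30T22:40:01 10.1.4.17 A poll.gotomypc.com.
2001-08-30T22:40:03 10.1.4.22 A www.example.com.
2001-08-30T22:40:31 10.1.4.17 A POLL.GoToMyPC.com
2001-08-30T22:41:02 10.1.9.5 A poll.gotomypc.com.example.net.
2001-08-30T22:41:30 10.1.7.80 A xpoll.gotomypc.com.
this line is malformed and must be skipped entirely
2001-08-30T22:42:01 10.1.4.17 A poll.gotomypc.com.
2001-08-30T22:43:10 10.1.2.9 A poll.gotomypc.com.
"""


def normalize(qname):
    """Lower-case the name and drop the trailing root dot before comparing."""
    return qname.strip().lower().rstrip(".")


def is_watched(qname, watched=WATCHED_HOST):
    """True for the watched host or a name beneath it, not for look-alikes."""
    name = normalize(qname)
    return name == watched or name.endswith("." + watched)


def find_polling_clients(log_text):
    """Return {client_ip: [timestamps]} for clients that looked up the host."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # not in the assumed four-field format
        timestamp, client, _qtype, qname = fields
        if is_watched(qname):
            hits[client].append(timestamp)
    return dict(hits)


if __name__ == "__main__":
    for client, stamps in sorted(find_polling_clients(SAMPLE_LOG).items()):
        print(f"{client}: {len(stamps)} lookups, {stamps[0]} to {stamps[-1]}")
```

Repeated lookups from the same client at short intervals are the pattern to expect from a host that keeps a constant outbound connection alive.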