Hi All,

I have some questions relating to pcAnywhere encryption. First, a bit of background: I am looking at the use of pcAnywhere where I work. The vast majority of machines that might want to connect to a host will either be on the internal network, or connecting to it through a VPN. There may be a few external modem connections, however, although I do hope to discourage these. Some of these connections, particularly the external dialup connections to internal modems, will need to use the encryption provided by pcAnywhere.

I am aware that there are three forms of encryption in pcAnywhere: pcAnywhere encryption, symmetric encryption and public key encryption. pcAnywhere encryption uses a relatively simple algorithm to scramble the data and is in reality very weak and unsuitable for my purposes. In the public key encryption option, asymmetric encryption is used to securely exchange a key for symmetric encryption, which I believe is standard practice due to performance issues. However, after taking a look at documents on Symantec's website on pcAnywhere encryption, I believe that the key used in the symmetric encryption option must be passed in the clear. Therefore, although it may be unlikely, it would be possible for someone to capture that key and therefore be able to decrypt the session.

My questions are:

1) Am I right in assuming that the key used in the symmetric encryption option in pcAnywhere is passed in the clear?

2) I would also like to know if a new key is generated for each session. If it is, that means that just because someone captured the key once, it doesn't mean that they can decrypt any subsequent sessions using the initial captured key.

3) What realistic chance do people think there is that someone "out there" would successfully sniff the key as it traversed the telephone network? Anyone connecting over the Internet will have to go through the VPN.

4) Are there any good books or Internet resources on vulnerabilities in dialup modems or their comms software? I would like to get an idea of whether someone could connect to the modem on a Windows NT/2000 box and exploit a vulnerability that would grant them access to the box. I am guessing this is unlikely, except for crashing the modem or the box to cause DoS, but I am really not sure.

Any help would be appreciated, thanks.

Alan
UK
