This thread is deja vu all over again, since we have just been told by a
vendor yesterday that WebEx was the intended means of obtaining remote
support for their product as well. I had to double check with my staff to
assure that none of them sent this under an alias. The scary part of this
is that it requires no license/purchase of software on our side to enable
the port 80 "feature." One could think that they're just surfing a website,
download a flash component, and open oneself up to hijacking.
The intended purpose we were looking for is the ability to provide support
remotely for an application hosted on a server. This tool would allow the
vendor to have a window to a client on the host, and should the client
wetware allow it, turn the client over to the WebEx viewer to take over all
functions on the PC.
From: Ron DuFresne <dufresne@winternet.com>
Sent by: firewalls-admin@lists.gnac.net
Date: 12/20/2001 01:50 PM
To: Steven Pierce <[EMAIL PROTECTED]>
cc: Steven Bonici <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Taking control of ones machine
Steven,
I can't answer that for you, you should have more info on the needs of
this vendor than I. Why did they 'claim' to require this level of access?
What are they trying to 'do for you'? I'd certainly be loath to allow any
vendor this level of access to my systems, especially if this is being
done across the Internet, but even if they were in house at my keyboard,
I'd be over their shoulder the whole time <smile>. Far more is done out
of stupidity of vendor consultants than out of any will to do harm in
cases like this.
Thanks,
Ron DuFresne
On Thu, 20 Dec 2001, Steven Pierce wrote:
>
> Ron,
>
> I agree 100%. I would be asking WHY are they in need of this
> access? If they need access to a server, I would set up one that
> does not give them ANY access to my network. Then I can post
> information on it if needed. Also give them a log in not full access,
> that way (Company) keeps ROOT access...
>
> S
>
> *********** REPLY SEPARATOR ***********
>
> On 12/20/2001 at 12:39 PM Ron DuFresne wrote:
>
> >On Thu, 20 Dec 2001, Steven Bonici wrote:
> >
> > [SNIP]
> >
> >>
> >> I haven't contacted them yet, I thought I would ask here first. Is there
> >> any documentation or white papers into how this actually works and what can
> >> be done to protect the machine? Does anyone have any insight into WebEx? I
> >> am really curious as to how easy this is. I know once you go to the WebEx
> >> web site you need to agree and "allow" someone to actually connect, but it
> >> just seems way too easy.
> >>
> >
> >
> >Just don't install their trojan <smile>. This is basically what you are
> >doing, installing their application that simulates what many trojans do,
> >give unlimited access to the system.
> >
> >Thanks,
> >
> >Ron DuFresne
> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >"Cutting the space budget really restores my faith in humanity. It
> >eliminates dreams, goals, and ideals and lets us get straight to the
> >business of hate, debauchery, and self-annihilation." -- Johnny Hart
> > ***testing, only testing, and damn good at it too!***
> >
> >OK, so you're a Ph.D. Just don't touch anything.
> >
> >_______________________________________________
> >Firewalls mailing list
> >[EMAIL PROTECTED]
> >http://lists.gnac.net/mailman/listinfo/firewalls
>
>
>