RE: [NTSEC] PC Anywhere Policy

Tue, 22 Feb 2000 10:29:33 -0800 


TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED]  Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------

First, the people who deploy PCAnywhere available to the net almost
deserve to be hacked as script kiddies scan large sections of the net
daily looking for vulnerable targets(IMHO).

Second, for security's sake, change the standard ports, and implement
a password as there is no password by default. If your use is internal,
you can leverage your WinNT ID & Group structure for access to the 
target machines. 

If your worried about UserID's and PW'ds being sniffed, make sure all
systems you are installing it upon, are 128Bit systems as PCAnywhere 8.0
and higher utilize the microfoot CryptoAPI's to encrypt the userID & PW.  

        Hope this helps. 

        Joey Welt


-----Original Message-----
From: Troy Henley [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 21, 2000 7:47 AM
To: 'Pancamo, Dan L'; [EMAIL PROTECTED]
Subject: RE: [NTSEC] PC Anywhere Policy



TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to [EMAIL PROTECTED]
Contact [EMAIL PROTECTED] for help with any problems!
---------------------------------------------------------------------------

I know of one 'issue' that a friend shared with me.  If you setup PCAnywhere
as TCP/IP remote controller and you type in a certain host address you get a
list back of every PCanywhere host sitting on the internet.  I forgot what
the magic IP address was that you needed to type in to listen to every
machine on the net but it is a big problem.  I saw someone go through these
steps and it was amazing all of the dozens of computers that showed up in
our host list.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Pancamo, Dan L
Sent: Wednesday, February 16, 2000 11:27 AM
To: [EMAIL PROTECTED]
Subject: [NTSEC] PC Anywhere Policy



TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to [EMAIL PROTECTED]
Contact [EMAIL PROTECTED] for help with any problems!
---------------------------------------------------------------------------

Does anyone have a policy on NT remote management tools specifically PC
Anywhere?   We want to know what measures need to be taken to secure PC
Anywhere.

Thanks

Dan

Reply via email to