[VPN] SSL VPN

safieradam safieradam at hotmail.com
Fri May 2 04:49:30 EDT 2003


I agree and do not trust it. But GoToMyPC is an interesting model for
research and any resulting analysis should include the issues.  There are
plenty of other programs that do the same thing without the middleman but do
you really trust them if you can't see/understand the source code or know
and trust the vendor?  GoToMyPC is just being pushed real hard in
advertising. The ease of setting these things up and the likely emergence of
less "benevolent" versions makes host based IDS more and more attractive.

BTW, Vincent, you should also be looking at TLS, the "standard" and
Microsoft blessed follow on to SSL.

Adam

----- Original Message ----- 
From: "shannong" <shannong at texas.net>
Cc: <vpn at lists.shmoo.com>
Sent: Tuesday, April 29, 2003 8:26 PM
Subject: RE: [VPN] SSL VPN


> From a security stand point, GoToMyPC is a really bad idea.  Providing a
> third-party with unadulterated access to machines on your internal
> network is not taking your internal security very serious.  In addition
> to giving that provider with access, when they get hacked this
> perpetrator will have access to your PCs as well.  GoToMyPC has HIPAA
> and GLBA issues which make it a legal issue in healthcare and finance,
> respectively.
>
>



More information about the VPN mailing list