|
Excellent question. These types of tools pose enormous security risks, as
they allow users to remotely access their PCs across the Internet using
outgoing HTTP access. The tools use HTTP or HTTPS to transmit this
control information, so if you allow your users to surf the Net, they can
use such services. Usually, systems are protected with a user-selected
password, which can often be guessed.
So, how do you block it? Sadly, because it's just HTTP, you can't just
shut it off at the protocol level without stopping all Web surfing.
Unfortunately, you'll have to block each Web site offering these services
at a border firewall or router. Block the IP address range associated
with GoToMyPC.com. Block any others you are concerned about.
Alternatively, you could use Web filtering software to block such access.
The same tool you use to block porn can be used to stop access to these
sites. The popular SurfControl(R) program (www.surfcontrol.com) blocks
www.gotomypc.com as well as www.webex.com. Interestingly, it doesn't
block www.webx.com, which takes you to the same place as www.webex.com.
So, they aren't a perfect solution, but it's better than doing it all by
hand with custom filters. By the way, if you want to see if a particular
site is blocked by SurfControl, you can go to their www.surfcontrol.com
and test to see if it is filtered by their product. Pretty cool feature!
For more information on this topic, visit these other SearchSecurity.com resources:
David Strom's Security Tool Shed: GoToMyPC a nifty utility, but can skirt security measures
Ask the Expert: Tool for monitoring correct e-mail and Internet usage
Executive Security Briefing: Where do you draw the line on employee monitoring?
|
