OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archives: Re: pcanywhere

Re: pcanywhere

Subject: Re: pcanywhere
From: Robert Graham (robert_david_grahamyahoo.com)
Date: Mon Jan 10 2000 - 21:16:21 CST

I presume the original question is how to allow outbound PCanywhere.

PCanywhere sets up a connection by first contacting the target machine using
UDP with a random source port and a destination port of 5632. (For backwards
compatibility, if 5632 doesn't work, it will attempt port 22). Once that has
been established, it will then attempt an outbound connection to port 5631 via
TCP.

The problem is therefore how you can allow inbound UDP responses back through
your firewall. With dumb packet filtering firewalls, this can be tough.

If the question is how to allow inbound PCanywhere, the answer is that you
cannot. Many users install PCanywhere on their PCs with no password protection.
Hackers scan the Internet constantly for such machines, and if you are talking
about a firewall behind which reside many users, your entire company will get
hacked.

--- Crispin Cowan <crispinwirex.com> wrote:
> Louis Mattera wrote:
>
> > I am having a problem getting thru my firewall at work using
> > pcanywhere 9.0.
>
> Good. Your firewall is working :-)
>
> Crispin
> -----
> Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com
> Free Hardened Linux Distribution: http://immunix.org
>
>

=====
Robert Graham http://www.robertgraham.com/pubs
__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com

This archive was generated by hypermail 2b27 : Wed Jan 12 2000 - 21:59:59 CST