Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GoToMyPC - Is it a serious security risk?

I have a generic question about outbound gotomypc.com sessions.

Does anyone know if there have been verifiable instances of security breaches via gotomypc sessions?

I'm trying to determine exactly what the measureable risk is with allowing outbound gotomypc sessions.

3 REPLIES
Bronze

Re: GoToMyPC - Is it a serious security risk?

First, be sure that they're really gotomypc.com sessions and not regular Citrix NetMeeting sessions. For the former, you should see a client installed on the users computer and traffic to poll.gotomypc.com (see below.) For the latter I don't think you'll see anything except perhaps a ActiveX plugin.

The problem with real gotomypc sessions is that it allows users to bypass your corporate firewall settings, and get -directly- onto their PC. The gotomypc software running on the internal PC reaches out and registers to the primary gotomypc servers, and the user then connects from there (again, bypassing any posture checks you have in your firewall).

In my mind this is Not a Good Thing, mostly because the one instance I had with it was when a user 'shared' out their desktop with a remote client via gotomypc in order to facilitate file transfers, thus giving the client full access to the rest of the network in the process. Incredibly stupid but not entirely unexpected.

From their FAQ (google for "block gotomypc")

you can prevent your company computers from being accessed via the GoToMyPC service by using your firewall to block access to the host poll.gotomypc.com. We do not recommend this method, however, as it prevents all GoToMyPC usage, including your authorized GoToMyPC users.

But, re-reading your question, are you trying to prevent your internal users from Remote'ing into other, off-network GotoMyPC devices, or trying to prevent systems on your network from being remotely accessed?

New Member

Re: GoToMyPC - Is it a serious security risk?

gotomypc.com should be blocked since it bypasses your firewall rules... One could using gotomypc.com, somehow take over a user's PC/laptop at work or inject a virus, etc. Either block via FW, or perimeter router "poll.gotomypc.com".

Also a device like Packeteer and NBAR will categorize traffic as gotomypc. Packeteer can block it but I think NBAR can not block "it just will show you the traffic". Both of which are very useful. I use Packeteer...click on gotomypc and click on top talkers and find which users are doing this and ask them to stop.

New Member

Re: GoToMyPC - Is it a serious security risk?

Thanks for the reply. I cannot believe almost 4 months has passed! I agree with your position.

I don't like the back channel that goto provides - whether it is outbound or inbound.

2714
Views
10
Helpful
3
Replies
CreatePlease login to create content