Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Log Me In

  1. #1
    Junior Member
    Join Date
    Feb 2008
    Posts
    44

    Default Log Me In

    I was browsing the net and saw this site, logmein.com where you can basically have remote access to your own computer through an internet website. Imagine if a black hatter broke into that website, or sniffed your password while you were logging in?

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by 1shot_1kill View Post
    I was browsing the net and saw this site, logmein.com where you can basically have remote access to your own computer through an internet website. Imagine if a black hatter broke into that website, or sniffed your password while you were logging in?
    It's even worse than you think.

    The client software that's installed maintains permanent contact with their servers. I had a contractor install it on one of my servers at the office because they needed remote access. Once I determined (about 10 minutes after he installed it), I ripped it back out.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Junior Member
    Join Date
    Feb 2008
    Posts
    44

    Default

    Streaker, you've got me very interested by alot of your posts and replys here. You said that you monitor and maintain a water treatment facility? I remember you talking to me about electronic automation and modbus+. I'm taking the automation course right now, but as a side hobby i'm learning how to use backtrack and networking. Did you say there are jobs out there that use networking to in fact monitor all the machines from one office? Do you think that there is a certain program in schools to do this? Or would it be I'd have get the electronic and industrial automation degree, Then go for a networking degree.
    I'm hopin to milk out the free money for school from the military Disability from a deployment in my ears and back I should get as much out of it as I can.

  4. #4
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by streaker69 View Post
    It's even worse than you think.

    The client software that's installed maintains permanent contact with their servers. I had a contractor install it on one of my servers at the office because they needed remote access. Once I determined (about 10 minutes after he installed it), I ripped it back out.
    What you say is true, but that doesn't necessarily make it a bad product. Until someone shows me a legitimate, exploitable weakness in LogMeIn, I will use it.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  5. #5
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by 1shot_1kill View Post
    I was browsing the net and saw this site, logmein.com where you can basically have remote access to your own computer through an internet website. Imagine if a black hatter broke into that website, or sniffed your password while you were logging in?
    Honestly, that's a stretch.

    All LogMeIn traffic is SSL. Even if someone logged into my account, each connection has an additional access code just to "see" the desktop. And third, they still can't access my desktop without my desktop's password. Not impossible to do, but not trivial either.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by theprez98 View Post
    What you say is true, but that doesn't necessarily make it a bad product. Until someone shows me a legitimate, exploitable weakness in LogMeIn, I will use it.
    I fail to see any good reason that a third party needs to maintain a persistent connection in order to provide said service. Aside from wasting my bandwidth and leaving a persistent hole for other malicious parties to notice and try to take advantage of.

    What you're saying is kind of like leaving your house door unlocked until after you've been broken into at least once.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  7. #7
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by thorin View Post
    I fail to see any good reason that a third party needs to maintain a persistent connection in order to provide said service. Aside from wasting my bandwidth and leaving a persistent hole for other malicious parties to notice and try to take advantage of.

    What you're saying is kind of like leaving your house door unlocked until after you've been broken into at least once.
    Honestly, that's a bad analogy. The door is never "unlocked", and no one has previously broken in. The connection is encrypted, and the bandwidth is minimal.

    Again, if someone can show a plausible way to take advantage of it, I'd love to hear.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  8. #8

    Default

    What advantage does logmein have over any of the free VNC programs, like UltraVNC?
    The link budget is not a problem, we intend on splitting the bill...

  9. #9
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by radioraiders View Post
    What advantage does logmein have over any of the free VNC programs, like UltraVNC?
    (L)Users with no idea of what constitutes a tunnel, or setting up VNC, or even what an IP Address is, can easily set it up. Plus, since they can do it through the web interface, it isn't scary for them and is easy for them to bookmark their own PC.
    Thorn
    Stop the TSA now! Boycott the airlines.

  10. #10
    Junior Member
    Join Date
    Aug 2007
    Posts
    63

    Default

    I use LogMeIn for example because my PC dont have a external IP address so cant reach it from anywhere, I think LoGMeIn is better than VNC,PcAnywhere ... cause work from PC that are behind a NAT , also for the encryption used.


    sorry for my english is not so great , hope you got the point

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •