Firewall Wizards mailing list archives
pcanywhere encryption
From: hermit1 <hermits () mac com>
Date: Fri, 26 Jan 2001 09:07:48 -0800
I wouldn't bother people with this, except Symantec tech support claims to know nothing about how their encryption works. (Actually, they claim their product does not do encryption, it merely passes the data to Microsoft programs for encryption when appropriate. Doesn't that make you feel safe?)
My organization is looking into ways of expanding remote access capabilities. One program we are trying is pcAnywhere from Symantec. The documentation claims there are 4 levels of encryption available:
1. None - Symantec recommends against using this 2. pcAnywhere - Symantec also recommends against using this 3. Symmetric key - recommended4. Public key - recommended as stronger than #3. But as near as I can tell, this has the same level of encryption as #3 except you need a certificate setup to use it.
For symmetric keys, the manual states "pcAnywhere generates a unique public key and uses this key to encrypt and safely pass the symmetric key used to encrypt the session."
Since there is no provision for selecting how the encrypted key gets decrypted by which client or server (there is no statement about which end of the connection generates the keys), the only conclusion I can draw is that the "unique public key" can be decrypted by ANY pcAnywhere host or client anywhere. Well, I can draw another conclusion that both the public and private keys are sent at the same time, but that procedure seems even more stupid than my first conclusion.
Can anyone help out by explaining what Symantec is actually doing to set up encrypted sessions? Symantec can't explain it.
Thanks, hermit1 _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Air gap technologies, (continued)
- Re: Air gap technologies Crispin Cowan (Jan 18)
- Re: Air gap technologies Frederick M Avolio (Jan 19)
- Re: Air gap technologies Crispin Cowan (Jan 19)
- Re: Air gap technologies Avi Rubin (Jan 19)
- RE: Air gap technologies Robert Graham (Jan 22)
- What is a proxy? Robert Graham (Jan 24)
- RE: What is a proxy? Andreas Haug (Jan 25)
- Re: What is a proxy? Gary Flynn (Jan 25)
- Re: Air gap technologies Crispin Cowan (Jan 24)
- Message not available
- Re: What is a proxy? Marcus J. Ranum (Jan 25)
- Re: Air gap technologies Crispin Cowan (Jan 18)
- Message not available
- pcanywhere encryption hermit1 (Jan 26)
- Re: pcanywhere encryption Crist Clark (Jan 29)
- Re: pcanywhere encryption Randy Witlicki (Jan 29)
- Re: pcanywhere encryption Adam Shostack (Jan 29)
- Re: Air gap technologies Aleph One (Jan 24)
- Re: Air gap technologies Frederick M Avolio (Jan 24)
- Re: Air gap technologies Aleph One (Jan 24)
- Re: Air gap technologies Frederick M Avolio (Jan 24)
- Re: Air gap technologies Crispin Cowan (Jan 24)
- Re: Air gap technologies Frederick M Avolio (Jan 25)
- Re: Air gap technologies Crispin Cowan (Jan 25)