Logmein blocked

[Chris]

logmein is blocked by rm. Is there alternative website offering similar service

[DaveP]

Removed.

[Geoff]

http://www.logmeinhamachi.com/ ?

Failing that, I've been experimenting with DNS tunnels.

http://www.hsc.fr/ressources/outils/.../index.html.en

Rips through the filter/firewall like a knife through butter here.

Also as usual there's the HTTPS/SSL tunnel option.

http://www.hsc.fr/ressources/outils/.../index.html.en

[DaveP]

Correction to my post: It is also blocked by our ISP, IE7 just does not display the normal block page. Firefox does however.

[BKGarry]

have you tried putting https://logmein.com that cuts through our ISP here

[phreak]

We use something called Netviewer. Never seems to have any problems getting onto RM clients although it does require someone on the other side to initiate the client bit of software every time.

[clareq]

RM use logmein themselves, if they need remote access to your server. Strange that they would block it.

[SimpleSi]

Main logmein site is blocked here but the actual https site isn't

https://secure.logmein.com/home.asp

Worth trying

regards
Simon

[animalboy1968]

i found it was blocked today but you can go into your rm admin webpage and allow it. i put *.logmein.com* and this allowed me to access both www.logmein.com and secure.logmein.com and all other pages after that. i don't really understand why they would want to ban it either. i love checking on my downloads from work

[PiqueABoo]

Quote:

I've been experimenting with DNS tunnels.

::cough::splutter:: DNS as covert channel is an idea you're supposed to scare folk with (someone did that to many years ago), but no one was supposed to write it!!

Does this one do the tricky to stop stuff? IOW you give it a DNS domain/zone e.g. example.com, the NS for that zone is the tunnel endpoint and it all works via some nearby DNS box and whatever forwarders that might be using?

Quote:

RM use logmein themselves

AIUI RM paid some money and don't have you bouncing via logmein servers. Logmein is also blocked by my local LEA and it's perfectly obvious why.

[Geoff]

Quote:

Does this one do the tricky to stop stuff? IOW you give it a DNS domain/zone e.g. example.com, the NS for that zone is the tunnel endpoint and it all works via some nearby DNS box and whatever forwarders that might be using?

You need a box somewhere out on the internet running the 'server' end of the software. This box needs to be pointed to as being a DNS server authoritative for some domain. This is easily done with dyndns.org for example.

On the client end you need the client software and tell it what domain it should tunnel to. It'll use the local DNS servers and they will merrily relay the DNS zone info (and thus the data) and be none the wiser.

Basically you end up with a functioning TCP connection between your client system and your remote server using the existing DNS infrastructure. You can then widen this up with SSH and do some port mapping to get what ever application running you want.

World of Warcraft works quite well.

The only effective countermeasures I've seen implemented is to limit the number of dns queries/sec a client can make (not possible with Windows DNS AFAIK) and thus the speed of the tunnel or using IDS signatures to detect the tunnel (running SSH through the DNS tunnel mitigates this)

[PiqueABoo]

Quote:

It'll use the local DNS servers and they will merrily relay the DNS zone info

Oh good

Soooo... assuming you can get away with it, disable recursion/forwarding on internal DNS.

[Geoff]

Yes, or use a real DNS server that allows you to control the queries/sec. You can easily delegate your AD specific sub zones back down to your Windows DNS servers (or just import the records from a DC).