I'd like to make a remark to this. Although Foxboro didn't sell the GoGlobalUX (ver. 2.0 and up) I'm using it on our Foxboro system with great satisfaction. GoGlobalUX even works with the quirky Foxboro software like ICC, Display Configurator/Builder etc. Imagine DM/FoxView in one Windoze frame. Click on the ALARM button and the AM pops up in its own Windoze frame. Click in a trend and the trendconfig pops up in its own Windoze frame. Isn't it marvellous to be able to move those frames out of the way.......... It's the package for office dwellers. Cheers, Frits Schouten. NZ-Steel -----Original Message----- From: kevin.niederberger@xxxxxxxxxxxx [mailto:kevin.niederberger@xxxxxxxxxxxx] Sent: Wednesday, 21 January 2004 08:36 To: foxboro@xxxxxxxxxxxxx Subject: Re: [foxboro] Go Global security issue Most Foxboro users who are using the Go Global product will be using versions 1.5 and 1.61. These are the versions that Foxboro sell. Did Graphon say whether these versions use a security method? The Go Global UX products (Ver 2.0 and up) are a different product and are not sold by Foxboro. Regards, Kevin Niederberger, Systems Engineer, Foxboro New Zealand 42 Vestey Drive, Mount Wellington. P.O. Box 629, Auckland, New Zealand. Phone: +64 9 573 7690 "Penndorf, Rocco (RP)" To: "'foxboro@xxxxxxxxxxxxx'" <RPPenndorf@xxxxxx <foxboro@xxxxxxxxxxxxx> m> cc: Sent by: Subject: Re: [foxboro] Go Global security foxboro-bounce@fre issue elists.org 20/01/2004 20:17 Please respond to foxboro Hello list, here is the answer I got from GraphOn (GoGlobal supplier): --------------------------- The current version of the Graphon Unix product is GoGlobal UX 2.1. It sends the user name and password to the Unix via a proprietary binary protocol, rather than via telnet protocol. It can also encrypt all the traffic between the server and the client using SSL. So I believe the current version of the GraphOn product does address your concerns. Thank you -- Evgeny Roubinchtein support@xxxxxxxxxxx --------------------------- Best Regards Rocco -----Original Message----- From: foxboro-bounce@xxxxxxxxxxxxx [mailto:foxboro-bounce@xxxxxxxxxxxxx] On Behalf Of Corey R Clingo Sent: Friday, January 16, 2004 4:31 PM To: foxboro@xxxxxxxxxxxxx Subject: Re: [foxboro] Go Global security issue Importance: Low Yes, it's possible to "sniff" the username/password with Telnet, as it is sent as cleartext, but modern switched networks make this somewhat more difficult. Further, anything you type while in GoGlobal (like passwords to change environments) may likely also be "sniffed". The most widely-used answer to your dilemma is the SSH (Secure Shell) protocol. For a good, free implementation, check out OpenSSH for your AW, available on sunfreeware.com. Nothing is sent as cleartext, and it will tunnel just about any TCP-based protocol over an encrypted channel (i.e., hard to "sniff"). It may even come with Solaris 8, but I'd probably still get the sunfreeware version because it is newer (with security-related software, you want as many bugs to be fixed as possible). Windoze PC clients include the previously-mentioned PuTTY (free), OpenSSH itself running in the Cygwin environment (also free), and SecureCRT (about $100 I think), among others. We use OpenSSH for session establishment and tunneling of the X protocol to Exceed on the PCs. Works great, but some applications (ICC, Display Builder/Configurator, etc.), because of the funky way the I/A software runs them, require more effort for the tunneling. GoGlobal, unlike Exceed, sets up a local X server I believe, and uses its own protocol to communicate to the PC (more like VNC) so it ought to be somewhat easier to set up the tunnel. I don't have GoGlobal, though, so I can't say for sure. Corey Clingo BASF Corp. |---------+----------------------------> | | "Penndorf, Rocco | | | (RP)" | | | <RPPenndorf@xxxxx| | | om> | | | Sent by: | | | foxboro-bounce@fr| | | eelists.org | | | | | | | | | 01/16/2004 01:47 | | | AM | | | Please respond to| | | foxboro | | | | |---------+----------------------------> > ---------------------------------------------------------------------------- --------------------------------------------------| | | | To: "'foxboro@xxxxxxxxxxxxx'" | | cc: | | Subject: [foxboro] Go Global security issue | > ---------------------------------------------------------------------------- --------------------------------------------------| Hello list, i've got a security question regarding GoGlobal. I've heard that Telnet program (GoGlobal is using telnet to establish session to host machine) does not code the username and password information when sending to the hostmachine. So, i've been told, it is possible by using a sniffer program to find out usernames/passwords just by "listening" the network traffic.I really don't what kind of "hacker" knowledge somebody must have to intrude into a enterprise network and catch password information but i think it's worth raising the question and ask for your experiences. Questions: (1) Is there a chance to make GoGlobal more secure? (2) Are there better (more secure) solutions on the market (please provide examples). Best Regards _______________________________ Rocco Penndorf Sr.Process Control Engineer / Acrylic Acid Plant DOW - Boehlen Tel.: +49 (0) 34206-8-7524 Fax: +49 (0) 34206-8-7522 E-Mail: rppenndorf@xxxxxxx _______________________________________________________________________ This mailing list is neither sponsored nor endorsed by Invensys Process Systems (formerly The Foxboro Company). Use the info you obtain here at your own risks. Read http://www.thecassandraproject.org/disclaimer.html foxboro mailing list: //www.freelists.org/list/foxboro to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave _______________________________________________________________________ This mailing list is neither sponsored nor endorsed by Invensys Process Systems (formerly The Foxboro Company). Use the info you obtain here at your own risks. Read http://www.thecassandraproject.org/disclaimer.html foxboro mailing list: //www.freelists.org/list/foxboro to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave _______________________________________________________________________ This mailing list is neither sponsored nor endorsed by Invensys Process Systems (formerly The Foxboro Company). Use the info you obtain here at your own risks. Read http://www.thecassandraproject.org/disclaimer.html foxboro mailing list: //www.freelists.org/list/foxboro to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave _______________________________________________________________________ This mailing list is neither sponsored nor endorsed by Invensys Process Systems (formerly The Foxboro Company). Use the info you obtain here at your own risks. Read http://www.thecassandraproject.org/disclaimer.html foxboro mailing list: //www.freelists.org/list/foxboro to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave EOM NOTICE - This message and any attached files may contain information that is confidential and/or subject of legal privilege intended only for use by the intended recipient. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, be advised that you have received this message in error and that any dissemination, copying or use of this message or attachment is strictly forbidden, as is the disclosure of the information therein. If you have received this message in error please notify the sender immediately and delete the message. _______________________________________________________________________ This mailing list is neither sponsored nor endorsed by Invensys Process Systems (formerly The Foxboro Company). Use the info you obtain here at your own risks. Read http://www.thecassandraproject.org/disclaimer.html foxboro mailing list: //www.freelists.org/list/foxboro to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave