Re: [foxboro] Go Global security issue

  • From: "Schouten, Frits JF" <Frits.Schouten@xxxxxxxxxxxxxxxxxx>
  • To: "'foxboro@xxxxxxxxxxxxx'" <foxboro@xxxxxxxxxxxxx>
  • Date: Wed, 21 Jan 2004 07:26:06 +1100

I'd like to make a remark to this.
Although Foxboro didn't sell the GoGlobalUX (ver. 2.0 and up) I'm using it
on our Foxboro system with great satisfaction.
GoGlobalUX even works with the quirky Foxboro software like ICC, Display
Configurator/Builder etc.
Imagine DM/FoxView in one Windoze frame. Click on the ALARM button and the
AM pops up in its own Windoze frame.
Click in a trend and the trendconfig pops up in its own Windoze frame.
Isn't it marvellous to be able to move those frames out of the way..........
It's the package for office dwellers.

Cheers,
Frits Schouten.
NZ-Steel

-----Original Message-----
From: kevin.niederberger@xxxxxxxxxxxx
[mailto:kevin.niederberger@xxxxxxxxxxxx]
Sent: Wednesday, 21 January 2004 08:36
To: foxboro@xxxxxxxxxxxxx
Subject: Re: [foxboro] Go Global security issue



Most Foxboro users who are using the Go Global product will be using
versions 1.5 and 1.61. These are the versions that Foxboro sell. Did
Graphon say whether these versions use a security method?
The Go Global UX products (Ver 2.0 and up) are a different product and are
not sold by Foxboro.

Regards,

Kevin Niederberger,
Systems Engineer,
Foxboro New Zealand
42 Vestey Drive, Mount Wellington.
P.O. Box 629, Auckland,
New Zealand.
Phone: +64 9 573 7690



 

From: "Penndorf, Rocco (RP)" <RPPenndorf@xxxxxxm>
Sent by: foxboro-bounce@freelists.org
Date: 20/01/2004 20:17
Please respond to: foxboro
To: "'foxboro@xxxxxxxxxxxxx'" <foxboro@xxxxxxxxxxxxx>
cc:
Subject: Re: [foxboro] Go Global security issue

Hello list,

here is the answer I got from GraphOn (GoGlobal supplier):

---------------------------

The current version of the Graphon Unix product is GoGlobal UX 2.1. It
sends the user name and password to the Unix via a proprietary binary
protocol, rather than via telnet protocol.  It can also encrypt all the
traffic between the server and the client using SSL.

So I believe the current version of the GraphOn product does address your
concerns.

Thank you

--
Evgeny Roubinchtein
support@xxxxxxxxxxx

---------------------------

Best Regards

Rocco



-----Original Message-----
From: foxboro-bounce@xxxxxxxxxxxxx [mailto:foxboro-bounce@xxxxxxxxxxxxx] On
Behalf Of Corey R Clingo
Sent: Friday, January 16, 2004 4:31 PM
To: foxboro@xxxxxxxxxxxxx
Subject: Re: [foxboro] Go Global security issue
Importance: Low



Yes, it's possible to "sniff" the username/password with Telnet, as it is
sent as cleartext, but modern switched networks make this somewhat more
difficult.  Further, anything you type while in GoGlobal (like passwords to
change environments) may likely also be "sniffed".

The most widely-used answer to your dilemma is the SSH (Secure Shell)
protocol.  For a good, free implementation, check out OpenSSH for your AW,
available on sunfreeware.com.  Nothing is sent as cleartext, and it will
tunnel just about any TCP-based protocol over an encrypted channel (i.e.,
hard to "sniff").  It may even come with Solaris 8, but I'd probably still
get the sunfreeware version because it is newer (with security-related
software, you want as many bugs to be fixed as possible).

Windoze PC clients include the previously-mentioned PuTTY (free), OpenSSH
itself running in the Cygwin environment (also free), and SecureCRT (about
$100 I think), among others.

We use OpenSSH for session establishment and tunneling of the X protocol to
Exceed on the PCs.  Works great, but some applications (ICC, Display
Builder/Configurator, etc.), because of the funky way the I/A software runs
them, require more effort for the tunneling.  GoGlobal, unlike Exceed, sets
up a local X server I believe, and uses its own protocol to communicate to
the PC (more like VNC) so it ought to be somewhat easier to set up the
tunnel.  I don't have GoGlobal, though, so I can't say for sure.

Corey Clingo
BASF Corp.




From: "Penndorf, Rocco (RP)" <RPPenndorf@xxxxxom>
Sent by: foxboro-bounce@freelists.org
Date: 01/16/2004 01:47 AM
Please respond to: foxboro
To: "'foxboro@xxxxxxxxxxxxx'"
cc:
Subject: [foxboro] Go Global security issue

Hello list,

I've got a security question regarding GoGlobal. I've heard that Telnet
program (GoGlobal is using telnet to establish session to host machine)
does not code the username and password information when sending to the
host machine. So, I've been told, it is possible by using a sniffer program
to find out usernames/passwords just by "listening" to the network traffic. I
really don't know what kind of "hacker" knowledge somebody must have to intrude
into an enterprise network and catch password information but I think it's
worth raising the question and ask for your experiences.

Questions:

(1) Is there a chance to make GoGlobal more secure?
(2) Are there better (more secure) solutions on the market (please provide
examples).


Best Regards

_______________________________
Rocco Penndorf
Sr.Process Control Engineer / Acrylic Acid Plant
DOW - Boehlen
Tel.: +49 (0) 34206-8-7524
Fax: +49 (0) 34206-8-7522
E-Mail: rppenndorf@xxxxxxx




_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html

foxboro mailing list:             //www.freelists.org/list/foxboro
to subscribe:         mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe:      mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave







