Symantec is urging businesses that use its pcAnywhere software to gauge their risk tolerance before deciding whether to disable, uninstall or deploy additional security controls to mitigate external threats  to the remote access technology.
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all free of charge. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
When using secure VPN tunnels, it is suggested that Client Management Suite and IT Management Suite customers modify policies counting on pcAnywhere Access Server.Symantec
In a revised pcAnywhere security guide (.pdf), the safety giant outlines best practices that enterprises can take, from upgrading to the most recent version of pcAnywhere, to blocking the default ports on corporate networks and turning off the roaming feature on endpoint machines.
“Symantec is just not recommending anyone specific action will provide an answer for an atmosphere but rather applying a mix of pcAnywhere security best practices at the side of … general security best practices,†the corporate said in its revised technical document.
Symantec issued the newest updates to pcAnywhere last week following a recommendation to disable the software until known security vulnerabilities were addressed. Symantec fears a 2006 breach of its network exposed the pcAnywhere source code and will have given attackers the ability to conduct man-in-the-middle attacks and penetrate corporate networks. The source code surfaced earlier this month in an Internet forum by a hacking group in India along with the source code of outdated Norton Antivirus Corporate Edition, Norton Internet Security and SystemWorks. The company says the2006-era software poses no risk to current Norton customers.
Take action quickly, Symantec says
In its technical guide, Symantec is urging users to take action quickly on all devices that contain pcAnywhere. Disconnected users should disable the pcAnywhere service or connect their systems to the network to apply the required changes, Symantec said.
The company is still urging users of its pcAnywhere Access Server to stop using it and instead host remote sessions via secure VPN tunnels. “When using secure VPN tunnels, it is recommended that Client Management Suite and IT Management Suite customers modify policies relying on pcAnywhere Access Server,†Symantec said.
In addition to listing general best practices like using antivirus, firewalls , email and Web gateways and intrusion detection systems, Symantec is urging its Alteris customers to review pcAnywhere log reports withwithin the Symantec Management Console. The corporate can be recommending administrators limit access to pcAnywhere configuration files to guard against an attacker getting access to configuration settings.
The company also listed a variety of “how to†documents to assist administrators apply configuration changes, uninstall the software or disable it.
Nessun commento:
Posta un commento
Comments links could be nofollow free