jsctechy

Security Risks for Log Me In

Hi All,

Does anyone happen to know what security risks there are using Logmein for Remote Administrators?

ASKER CERTIFIED SOLUTION
eric1508
This solution is only available to members.
David-Howard

Eric is correct as far as administrators/users being the weakest link.
When deployment is done with care and LogMeIn's optional security features are utilized, the benefits greatly outweigh the risks.
I have listed the URL for Logmein's white paper. This discusses the software architecture and functionality.
https://secure.logmein.com/wp_lmi_security.pdf
David
jsctechy

ASKER

What about Financial Institutions?  Would this be okay?
Everything that says it's secure could always be made more secure in one way or another.  The important thing is that it meets a certain level of security (256bit encryption for connections and data transmission and password protected login are examples of necessary security).  So in light of this, logmein meets what I would consider to be an essential amount of security for personal and business use.  With that in mind, it could certainly be made more secure.  One example of this would be to have passwords that change every couple of minutes that you read off of a wireless device that only you can see.  This way, even if someone was able to get a hold of your password it would be outdated before they could even use it.  Now this would be overkill for most situations but this is the kind of thing that some financial institutions use to keep things locked down.

So I think that if you are smart about what password you use and how you use it logmein should take care of the rest.  Is it secure enough for financial institutions?  I would say yes with the understanding that it could always be more secure and there are no guarantees with Internet security.  (And it also depends on HOW BIG of an institution.)  Eric.
Hi Everyone,

My experience with Logmein has not been a good one.  I was running it on a Windows 2003 server with all the latest patches and SPs.  The server has been running for years without a problem; about a week after the installation I got two viruses: the first was brute.exe, which is a password cracker, and the other is called W32.Pinfi, which is considered very low.

I was using the Alert features of the application so I could get critical alerts of the status or health of our server.  I wasn't even using the remote login feature.  

I had all the default security features enabled, including the Advance security option, but can't say that I am an expert with the product because I was using it as an Eval.  The remote connection is secured by SSL, but what I want to know is whether the Host program itself has any known security holes.  Let me know if anyone had similar problems with this application.

Thank you!!
LogMeIn seems to have brought nothing but problems for a client I saw last night.

A colleague of mine asked me to come into his office to try and rid their network of viruses and malware, as well as do some security hardening on the network. I was told that the client office was either physically being broken into during the wee hours of the morning, or they were being hacked every night. They were sure it was one of the 2, because 2 of their computers were logged in as admin every morning when they had been logged in as the actual users of the systems at closing time.

When I got there and logged onto the first computer, I noticed it was running LogMeIn. This computer had been experiencing all kinds of problems. The IT guy there had found (in the Documents and Settings\administrator\local documents\download folder) all kinds of porn, and all kinds of media dealing with hacking. CDs, Books, pdfs and videos on hacking. When I got there I found only rar files for an OnOne software (still need to look into this).

The computer had also had a Torrent app installed.

The AV program on the computer was overloaded with the amount of viruses (trojans, hackroot toolkits) and other issues it kept finding. There was a particularly destructive program on there called Windows Police Pro. It acts as an AV program, but obviously is quite the opposite. I tried removing it, and was eventually only partially successful. It installed itself in start menus and in the registry and Search n Destroy was not able to get rid of the app in full on reboot... the problem got worse.

Well, moving on, LogMeIn seems to be the most probable way that the 2 computers were compromised. The local admin accounts had blank passwords. I figure the office was somehow portscanned and determined to be hosting computers with logmein. The hackers then used the admin account and the 2 computers to install their bit torrent and do all sorts of nefarious things.

I cleaned up everything very well. Still waiting to see if they are compromised again. Funny enough, the router (local carrier DSL router w no admin pw) had also been configured to allow RDP on to the server, and to the infected workstations on different ports! The IT guy there told me no one should have remote access to their network. I disabled all this. I had to check active directory accounts and remove Terminal Server access, had to rename admin account, use pass phrases instead of pws, change local admin accounts, and clean up infested pcs.

Well, again LogMeIn seems to be the most probable way that the 2 computers were compromised.

Any other ideas?