I have Introduced Hamachi to my network, and there are a number of users that are loving it.
However i do have a building concern about its security... Im not worried about intercept traffic the encryption and hanshake is pretty solid from research done. however if i have hamachi running as a server and it joins a network that links it to our internal server how secure is that information.
how much can an attacker that gains physical acces to one of our machiens that has hamachi installed do?
Can he join the network? Gain the network credentials so he can connect from his machine? and in trying to keep the hamachi experience seamless is there anything i can to to prevent some of this.
I know any scrip kid out there can hash the local sam file and do what they want to local users. however what if i remove them entirely? not just disable so only Domain users exist? can the same attack be used? and/or can they get onto the machine and therefore have access to the hamachi network?
also if they were to just physically load the drive what can they learn abiout my hamachi network? can they get my "network/password"?
Any discussion on this is really appreciated.
As this level of physical security is not discussed much so far form my reading.
the best i get is from a Security now interview with Steve gibson
but they dont talk to much about this exact scenario, except to reasure me that the keys to my kingdom are not readily available. but they are there in a form.
I have a topic running on the hamachi forums as well as here.