Wednesday, October 29, 2008

Bomgar Remote Assistance Tool

I have been tasked to find a remote assistance tool that will allow us to connect to people outside of our network and outside of our control.

Internally we have been using Remote Assistance and Remote Desktop.  This works really well internally but when we start working with our doctors that are currently at another hospital or calling from home we have relied on talking the user through the gambit of typing in ipconfig and other commands to diagnose the problem.  It would be so much easier to just see the screen and to interact with the desktop.

Right now I am very impressed with Bomgar.  Instead of charging for a service forever, we can purchase a hardware solution that we control.  Now we can put that box in our DMZ and use it to deal with outside users and on the rare occation we could also connect with our internal users.  It also looks like it might be able to keep track of some helpdesk tickets.  Whereas it isn't very full featured, it has enough of the basics that I may have looked into using this one solution for issue tracking.



To get bomgar.com to install on Ubuntu Intrepid 64-bit follow these steps.



1. Download the *.desktop file from Bomgar

2. Change permissions on the file through Nautilus so that you can execute the file

3. If you get the error "error while loading shared libraries:
libpng.so.3" then you need to double check /usr/lib/libpng* AND
/usr/lib32/libpng* for a libpng.so.3. This is a 32-bit program so
64-bit users will have to look at the /usr/lib32 directory.

a. if you don't have the file you can create a symbolic link

b. sudo ln -s libpng.so.0.27 /usr/lib32/libpng.so.3

4. The second error I got was "That DESKTOP_INSTALLER" variable is not set"

a. Bomgar's only use for the variable seems to be to rm -f "$DESKTOP_INSTALLER" to remove the installer file

b. export DESKTOP_INSTALLER=/tmp/bomgar-rep.1410 #or a dummy file to sacrifice if you want to keep the installer.

Thursday, October 2, 2008

TCP/IP Design Vulnerabiltiy that Effects Almost All OS

Sockstress vulnerabilities in TCP/IP will collapse internets! [minn.tc]

It looks like a vulnerability similar to the DNS crisis.  Someone seems to have found a way to exploit a SYN-cookie type packet and cause the host server to buffer overload its outbound queue stack and get the machine/ service to reboot with only 10-15 packets a minute.  Now script kiddies don't need to have a massive botnet to take down Yahoo/ Google, only the knowledge of this exploit.