SoftEther Could Pass Through Industrial Firewall and IT Managers Should Take It Seriously



In short, SoftEther could imitate the function of intranet and it could use two of all computers to become a virtual network. SoftEther is an applied program of Client/Server framework; Client would imitate a virtual SoftEther and Server would imitate a virtual HUB. Virtual SoftEther connects virtual HUB could and become a Virtual Private Network (VPN) by through SoftEther protocol. In this situation, all applied programs and sharing of files could work successfully and wouldn't be blocked by firewall.
For example, you could setup SoftEther server program in a computer of your company and setup SoftEther client program in a computer of your home. Hence, you could use the computer in your home to connect the computer in your office as if you use computer in industrial network environment and you could access the information that you want.

SoftEther could use Proxy or SSH Server to connect the workstation even if MIS/IT managers already set up the firewall, SoftEther still could pass through it and break the protection structure.

The users could use the same printer, share their information and so on in their Domain Zone through NetBIOS, because NetBIOS could provide these services to save manpower, material resources and system resources. Hence, NetBIOS need opening 139 and 445 ports to work. Some hackers could use these ports to attack the users' workstation due to managers are worried about using neighbor. In May of this year, the 445 port be opened and caused Sasser Worm's dangerous from bad to worse.

DragonSoft Security Team suggests that the managers should set up security Mechanism with firewall or other related security tools to protect the users' data before patch the vulnerability.

How to deal with SoftEther

Some companies would not limit to set up free software, but some free software would cause security problem such as SoftEther. In brief, MIS/IT managers should take security problem seriously and revise their security policy to reduce the company's security risk.

How to use DragonSoft Secure Scanner(DSS) to examine which computers are installed SoftEther
Following these four steps to use DSS to examine which computers are installed SoftEther
  1. Adopt "General Policy" to view the target which you want to examine. If there are many hosts need examining, you could do it for many times to keep the bandwidth in intranet.
  2. Press "Start" button on tool bar to start to examine.
  3. After examining, if DSS scan SoftEther that exist in the computer, you could see the following picture.
  4. Users could deal with Softether by the security policy in the company.
About DragonSoft Security Associates, Inc.
DragonSoft Security Associates is a leading developer in Taiwan for network security software and an active contributor to network security education. Founded in 2002, DragonSoft offers vulnerability management olutions, including vulnerability assessment, System Security Management and intrusion prevention.