[AccessD] Himachi

Jim Lawrence accessd at shaw.ca
Mon Jan 9 16:55:18 CST 2006


Hi Jim:

This would be true for most beta products but Steve Gibson from www.grc.com
has been absolutely raving about the application. Though Steve is a bit of a
security fanatic he does know his stuff and hammers any programs that do not
match his high standards. When he thoroughly tests a product and then gives
it an A++, I have to assume quality.

Jim  

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Jim Dettman
Sent: January 6, 2006 7:21 AM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Himachi

John,

<<This is a 1.0 (actually 0.9.9.9) product and of course many people just
don't touch first release products. >>

  Yeah, I'm in that category for the most part.  I found out a long time ago
that it just doesn't pay to be on that bleeding edge.

  The only time I'll use something new is if there is simply no other way to
get the job done.  But I make darn sure the client knows what were working
with and that we'll most likely have problems.

Jim.


-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of John Colby
Sent: Friday, January 06, 2006 9:41 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Himachi


>> A quick read through the FAQ's and Forums shows a pattern of problems.

You know, I can appreciate that.  However if you take a quick read through
the forums on Norton AV you would find the same.  Same for MacAfee, Zone
Alarm, Microsoft Office, WindowsXP... Do I make my point?  These are all
mature products that have been out for years and they all have "patterns of
problems".

This is a product still in Beta.  What it is is what it is.  They
acknowledge that there are problems, and they have a beta program just as
any other software manufacturer has. This guy is trying to solve a difficult
problem.  He has obviously spent a lot of time and effort on his product,
and his efforts continue.

This is a 1.0 (actually 0.9.9.9) product and of course many people just
don't touch first release products.  I do think that it a real, valid
product that has a marketplace, and that if it works for me, in my
particular circumstances, I will use it.  If I can't get it to work in a
given instance then obviously I won't use it there.  I can tell you that I
use Remote desktop where I can.  I have had instances where it just didn't
work, and I never discovered why.  Same with VNC.  I think this Hamachi
thingie is just another tool, which will work sometimes, and not in others.
When it does, it will solve some problems for me that I am trying to solve.

It doesn't matter to me whether you use it, obviously that is a decision
everyone makes for themselves.  But if "a pattern of problems" were to stop
us from using a product no valid program would ever gain a user base.

John W. Colby
www.ColbyConsulting.com


-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Max Sherman
Sent: Friday, January 06, 2006 9:00 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Himachi

Dear Jim,
>> A quick read through the FAQ's and Forums shows a pattern of problems.

Yes, you are correct.  I thought the same when I read them, but I didn't
want to mention them as it might detract from the really important issue of
the Rootkit.

Overall, even though I am quite happy to take John's comments on board, I
will not be using it.  As I said before, it is a shame because it is such a
nice concept and one that would have solved a problem for me.

Regards
Max

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Jim Dettman
Sent: 06 January 2006 13:34
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Himachi


  I don't know about the root kit, but I'm not sure I'd use the software in
any case.

  A quick read through the FAQ's and Forums shows a pattern of problems.
That is not a surprise given that it's new software, but I don't know if
it's something I would use for a client at this point.

  It also doesn't appear to be as forgiving as stated.  I saw a couple of
posts that said "I had to open all UDP ports on my firewall to get it to
work".  I'd never do that at a clients.  So yes, while it will do a NAT
transversal, it's still highly dependent on the Firewall/Router
configuration for it to work properly.  At it currently doesn't work if the
network is restricted to ports 80/443 and using a web proxy.

  The last thing I'd be somewhat nervous about is that it uses obscure
Windows API functions to do it's job.  Given that their not typically used,
they have the potential to buggy.  I saw a few posts that said that when the
software was installed, it interfered with other adapters that were
installed on the system.

  Overall sounds like it needs to mature a bit more.  Neat idea though.

Jim.



-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Max Sherman
Sent: Friday, January 06, 2006 8:15 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Himachi


Thanks John,
That gives me some insight into it.  I am very wary of any mention of
Rootkits because once they are in, there is little or no chance of
discovering them, let alone removing them without a complete
re-installation.  It is a shame that they did not make mention of the fact
that this would happen right up front, then people could make an informed
decision before undertaking the installation and have prior warning before
the alert flashes on the screen.

>From what you have said, it does sound as if this particular program is
safe.

Many thanks

Regards
Max

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of John Colby
Sent: 06 January 2006 12:51
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Himachi

Reply,

Protection software mis-identifies software all the time.  It happens.
Hamachi installs a complete network layer because it is setting up a new
LAN.  How can I know that Hamachi isn't spyware or a trojan?  I can't.  How
do you know that any other program that you decide to use is not a Trojan?
You can't.  You have to Google the hell out of the company, look at user's
comments and just accept or not.

Hamachi has been in beta for well over a year.  There are entire lists for
users that play games over it (hundreds if not thousands - I didn't read
them all).  They are on beta release 9.9.9 (getting ready to release the
product).   This thing has been around, have literally 800,000 downloads (no
idea how many active users though).  The designer is a known security expert
from Canada who is releasing this product based on work he did as a
consultant for another company.  He is a known face, can be reached by
email, etc. etc.

Does this sound like a virus writer to you?

John W. Colby
www.ColbyConsulting.com


-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Max Sherman
Sent: Friday, January 06, 2006 2:55 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Himachi

Dear List,
Just to let you know that when I downloaded and tried to install Himachi, my
protection software kicked in and said it was trying to install a ROOTKIT.
I then abandoned the install and immediately invoked my Restore to Previous
Version (I always create a new restore point before installing any
software).  I went to their Forum and FAQs and found very little on it to
give me any confidence about the Rootkit.  If you are unaware of the harm
that a Rootkit can do to your system, then I strongly suggest you look it
up.

For my part, I will not be using Himachi - shame as it sounded like a good
solution to a problem I had.

Regards
Max

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of John Colby
Sent: 05 January 2006 20:01
To: 'Access Developers discussion and problem solving'
Subject: [AccessD] Himachi

If I can get this thing working I have several immediate applications for
it.  I have two different client companies that need a network between
dispersed locations, specifically so that they can do backups to remote
locations.  I am about to write a piece of code that organizes emails from
contractors into folders. It will strip off attached documents which are
equipment documentation, store them in an external hard disk (usb) and if I
can get this private network working, it will then also write to an
identical external hard disk at my client's home office so that all
documents are immediately backed up in two different physical locations.  If
the client picks up his email at home and runs the program, it will save the
documents to the home office drive, and then also to the drive in his
office.

I have been looking for a way to do this kind of thing that doesn't require
a Notwork guy to maintain the thing.  For it to work, my client has to be
able to set it up on the two machines.  An additional benefit is that I may
be able to set up remote desktop over this virtual network so that I can
support him.  This Hamachi might be just the ticket.

John W. Colby
www.ColbyConsulting.com


-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Fred Hooper
Sent: Thursday, January 05, 2006 6:41 AM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] OT Super interesting options

There's a good discussion of hamachi at http://www.grc.com/securitynow.htm,
where they are also discussing other ways to do the same thing.

Fred Hooper

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com


-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list