Apologies if this is slightly off-topic, but I'm wondering if anybody has seen a comprehensive list of addresses used by the various "services" that allow unauthorized users to remote into their work computers from home, bypassing corporate security. These things work by making an outbound connection from the target PC to a fixed external site. The user then contacts the external site from their home or traveling laptop, and the site uses the previously-opened connection to create a remote session for them. It's not caught by normal firewall config, because the outbound ssl connection appears to be perfectly legal.
I'm sure this is a valuable tool for some folks, but it breaks security policy by allowing unauthorized remote access, so my client wants the ability to shut it down. My best guess is to build an access control list on their PIX to block the outbound connections to the external servers, but that means I need to know where all of them are. I've got the info for gotomypc.com and logmein.com, but there's at least half a dozen others out there commonly in use, probably a lot more. Most of them provide no useful tech information on their websites, as they're in the business of selling access services to the users, not helping network admins enforce corporate policy. Anybody dealt with this before, or know of a good resource?
Thanks!