I believe many people in the videoconference community run VNC as a desktop sharing application, often unwrapped (i.e. not protected by SSH tunnelling). Apologies to others ....
FYI, we have been the target of some VNC attacks. A couple of Windows machines (at least) that were running VNC server (with a password, albeit not a strong one) were attacked and one was infected with Spybot, later caught by antivirus software, and another remote control application, also caught. There was a 3-week window between the infection and the antivirus update which caught it. This may relate to the RealVNC security announcement a couple of weeks ago. Or it may be password guessing like for SSH; I am not sure at this point. Admins may check Windows Event Viewer, Application log, for "WinVNC4". VNC typically listens on port 5900 So, make sure you turn off VNC when not required, at least until we figure this out .... -- Andrew Daviel, TRIUMF, Canada Tel. +1 (604) 222-7376 (Pacific Time) secur...@triumf.ca
