On Thu, 2004-04-29 at 14:22, Brian A. Henning wrote: > I remember hearing VNC wasn't safe to do in-the-clear on an unsecured > network... Or is that just X? At any rate, it would simplify your port > issues (at the router, at least) if you tunneled vnc through ssh anyhow.. > or will that be too much of a performance hit? Not that I know how to do > that.. just that it can be done. :-)
Yes, the protocol (rfb?) that vnc uses is wicked simple and can be snooped by just capturing the data stream and playing it back with a slightly modified vncviewer. Really just mouse & keyboard to server and chunks of image to client. You need a man-in-the middle sort of proxy. I set it up for a client last year that wanted to keep records of emergency (fix-the stupid M$-SQL server) off-hours vnc stuff. SSH tunneling it is easy, just port forward. Certainly a performance hit, maybe a couple hundred miliseconds added latency and 25% extra bandwidth usage. That's just guessing about some testing I did over a year ago. Probably not worth it for non-sensitive educational data. -Tim -- Timothy A. Chagnon <[EMAIL PROTECTED]>
signature.asc
Description: This is a digitally signed message part
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
