TightVNC requires that ssh be installed. It's a great package, but security is an issue even with ssh. It seems that a malicious person can repeatedly attempt to connect to the server with new passwords. Though it doesn't allow more than X number of attempts (somewher around 5 or 7, I think), it's easy to "reset" its "memory". I can't quite remember, but I think I just tried connecting to a different server to reset the memory; or perhaps, I tried connecting to the same serve from another site. Also, I don't think there was much delay between failed password attempts.
The feature that prevents more than X attempts, I'm not sure if it's built into the viewer or the server. That code is publically accessible. There was a recent post that pointed to a security hacker website showing exactly how the viewer can be modified to more effectively try connecting to a viewer (I think it was by trying different passwords). I believe the password is only checked for a small number of characters in any case. Anyone remember this? Fred ------------------------------------------- Fred Ma Department of Electronics Carleton University, Mackenzie Building 1125 Colonel By Drive Ottawa, Ontario Canada K1S 5B6 [EMAIL PROTECTED] =========================================== _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
