Speaking of this, I thought there was an increasing timeout implemented in the server for successive bad password attempts? I just tried checking this in real time and found that there was no noticeable delay when I tried about 4 successive "bad" passwords against a Windows TightVNC 1.23 server.
----- Original Message ----- From: "Dave Warren" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, 2002-06-02 23:52 Subject: Re: Security... > Shing-Fat Fred Ma wrote: > > In this situation, it would be very desirable > > to have the server act unfriendly towards > > password failures, thereby making it less > > necessary to use -localhost, thereby > > making it unnecessary to use ssh to connect. > > Another option, set up a secure interface to a software firewall (Or > hardware firewall, if you can afford it), browser based SSL, and use that to > unlock VNC as needed. > > The VNC session itself is still unencrypted, but at least it's access > secured. > > > -- > The nice thing about standards, there is enough for everyone to have their own. > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
