Dave:From: David Smith <[EMAIL PROTECTED]>I would say the first is more secure. Regularly changing your password would also be a good idea since the VNC password chat is not exceptionally strong, but it is much better than passing your login and password in the clear.Hello,Without ssh, is it better to connect from a PC veiwer to a solaris server over the internet, or the following: start the solaris server with -localhost, telnet into the sun box and use vncconnect to make the server connect to your remote PC viewer.
From: Dave Dyer <[EMAIL PROTECTED]>
Or you could use zVnc, which incorporates ssh-class encryption
into the basic vnc communication stream.
http://home.attbi.com/~davedyer/znc/zvnc.html
It looks pretty handy. But I think I'll rely on
my SysAdmin to look after the security arrangments.
I'm not using stock VNC, I'm using TightVNC. If I
keep security as a separate layer, I can migrate with
the technology as it changes.
Dave:
About relying on VNC's authentication, what's your
view on the fact that running the server without
-localhost allows repeated attempts at connection?
I know that after a number of tries, it refuses
connection, but I seem to recall that just changing
where you try to connect from will reset that. I
haven't delved into the code, but is that behaviour
embedded in the viewer? There was a posting a while
ago showing that the viewer can be modified into an
"attack" machine, but I don't recall seeing too much
discussion following up.
In the end, I realize that the secure way is through
an ssh tunnel.
Fred _______________________________________________
VNC-List mailing list
[EMAIL PROTECTED]
http://www.realvnc.com/mailman/listinfo/vnc-list
