> This worm is reported to use VNC as the active control component of > infected machines. [..] > I don't know that there is much we can do, but it has to be > bad news that > VNC is being used as the control agent in this attack.
It is bad news for the popularity of vnc, off course. However, it isn't all that bad news for what the virus does/can do. Indeed, as far as remotely controlling a pc for DDOS or other 'script kiddie' stuff goes, things couldn't be much worse than vnc: - easily detectable 1 : the files are obvious, named vnc, and if the dialog box pops up everywhere, seem to be badly integrated as well - easily detectable 2 : if someone does take control of your pc, you'll see the mouse move etc. In fact, monitors will wake up form sleep mode as well, making it all the more visible. - non-automatable: I don't see a script kiddie easily issuing a 'start DOS attack' command to a 1000 infected computer through vnc - might not work: Not sure what will happen if you already have vnc with a password set. Problably the password will stay, or you'll notice it has gone away and you'll set it again. Either way, bad guy can't connect. It might also increase knowledge about vnc, but may obviously also damage it's good name and popularity. The wierd thing is: the creator of the virus may be on this list... (s)he may even have asked questions about how to integrate vnc in the last few weeks/months. Wierd idea... Arnt _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
