Hi I'm running RealVNC 3.3.7 server on Win98 (Not SE) and connecting thru a loopback connection on an encrypted and locked down Zebedee tunnel. Firewall settings also block access from outside to all normal VNC and Zebedee ports. Access is only thru a highly obscure port into Zebedee. Zebedee is set to use secure public/private keys to verify at both ends that the other computer is known and 256 bit encyption is used. In short without being totally paranoid its fairly secure - certainly very much more secure than VNC can do on its own.
On the VNC server Registry settings: LoopbackOnly = 1 AuthRequired = 0 are set along with a null password. So far so good - works really nicely :-) Now, I want to stop accidental changes at the server end so I set: Registry setting: AllowEditClients = 0 Now on starting VNC server I get an error box: WinVNC Error WARNING: This machine has been preconfigured to allow un-authenticated connections to be accepted and to prevent users from enabling authentication. [OK] I fully understand and accept that: (AuthRequired = 0) & (Password = null) & (AllowEditClients = 0) would normally, to say the least, have some security implications. However, so far as I can see, (LoopbackOnly = 1) & (a secure tunnel) addresses those security implications. The problem is that the error box blocks VNC starting without manual intervention at the remote machine and: Logon VNC>Reconfigure Remote>Reboot>Re-Logon VNC>more configuration doesn't work. So after all that waffle, and in the hope that I have not sent you not all to sleep, I have 2 questions: 1. Is there a way to circumvent the Error Box 2. If not, could the test be changed in a future version of VNC so that the box does not appear if LoopbackOnly = 1. I know that this is just a very minor niggle in really great software. However I do believe a solution would help to improve security whilst reducing fragility of settings :-) Best Wishes Peter Ball _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] http://www.realvnc.com/mailman/listinfo/vnc-list
