On Tue, 31 Aug 2004, Ran Sasson wrote:
As said numerous times before (along the years of VNC..) : http://www.uk.research.att.com/archive/vnc/sshvnc.html http://www.realvnc.com/swish-e/search/vnc-list?pos=0&action=search&query=SSH http://www.realvnc.com/swish-e/search/vnc-list?pos=0&action=search&query=STunnel
Do NOT use the VNC strait open to the Internet or any unsecured network for that matter. It means that the VNC connection should be encapsulated inside an encrypted tunnel of some kind (SSH, Stunnel .. ). Therefore, you can limit the simultaneous connections to max less than 60 (as I think you should anyway) in the tunneling connection. Good to know though.
I'm not understanding this. Take Linux for example - suppose I use SSH port forwarding, but VNC is still there on port 5901. So how does my use of SSH prevent an attacker from doing this...
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1068.html
...(to port 5901) and killing my VNC session? I thought the point of using SSH with port forwarding was to encrypt the session.
Mike _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
