On Tue, 31 Aug 2004, William Hooper wrote:
Mike Miller said: [snip]I'm not understanding this. Take Linux for example - suppose I use SSH port forwarding, but VNC is still there on port 5901.
Port 5901 is firewalled off from everything but localhost. The only way to cause the issue then is to be a local user.
I see. That makes sense. Of course this means that in addition to setting up SSH on both ends, you have to set up a firewall. I guess that isn't hard for experts, but it's tricky for your average Joe. So most people are going to take the insecure route, which may be bad for VNC's word-of-mouth advertising. It will be better, of course, to work SSH into the VNC product and fix the DoS vulnerability.
Of course, since you have an SSH session, restarting the VNC server isn't that big of a deal...
You can lose data.
Mike _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
