Mike, The DoS attack only affects VNC Server for Windows - you shouldn't therefore lose data as a consequence of an attack.
There is no need to set up a firewall, only to use the LocalHost option to restrict connections to those originating from the local machine. Wez @ RealVNC Ltd. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Mike Miller > Sent: 31 August 2004 16:10 > To: William Hooper > Cc: VNC List > Subject: Re: DoS attack VNC 4.0 > > > On Tue, 31 Aug 2004, William Hooper wrote: > > > Mike Miller said: > > [snip] > >> I'm not understanding this. Take Linux for example - > suppose I use SSH > >> port forwarding, but VNC is still there on port 5901. > > > > Port 5901 is firewalled off from everything but localhost. > The only way > > to cause the issue then is to be a local user. > > I see. That makes sense. Of course this means that in addition to > setting up SSH on both ends, you have to set up a firewall. > I guess that > isn't hard for experts, but it's tricky for your average Joe. > So most > people are going to take the insecure route, which may be bad > for VNC's > word-of-mouth advertising. It will be better, of course, to > work SSH into > the VNC product and fix the DoS vulnerability. > > > > Of course, since you have an SSH session, restarting the VNC server > > isn't that big of a deal... > > You can lose data. > > Mike > _______________________________________________ > VNC-List mailing list > [EMAIL PROTECTED] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
