Wez:
Heya. So exactly what qualifies as a "failed authentication attempt"? I was trying to connect to a 4.1.1 server (Free edition)
using a tunneling application, and I saw the same error message.
It's possible the tunneling application connects to the VNC Server
with some NULL characters at initiation; is that enough to trigger
an "authentication attempt"?
thanks, Scott
"Too many security failures" indicates that the IP address from which you are connecting has been making lots of connections to the VNC Server that didn't end up being successfully authenticated.
This is a security feature designed to prevent dictionary attacks on servers, by preventing machines from making large numbers of connections to a server over a short period of time.
The message is triggered by 5 failed authentication attempts, at which point a 10 second lockout is applied before the next attempt is permitted. The next failed attempt causes the timeout to be doubled.
Given that (I assume) you are seeing this message in spite of supplying correct credentials each time you try to log in, and that once you see the message you never again get the chance to enter a password, it sounds like something is connecting to the server from the same IP address as your viewer machine and is not authenticating, hence causing the failures.
VNC 4.0 was less secure in this respect, by default, hence the different behaviour.
Cheers,
Wez @ RealVNC Ltd.
_______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
