Hello all, Thank you. How would I disable blacklisting if I decided this was a good option for me? Thanks for all your help, Lee
On 6/1/05, Scott C. Best <[EMAIL PROTECTED]> wrote: > > Wez: > > I agree it *slows down* a dictionary attack, but it cannot > prevent one. I also agree it's a good idea, but not a "free" one: by > adding Blacklisting, you've of course created a denial-of-service > vulnerability (e.g., an applet that did nothing but repeatedly open > and close TCP sockets to 127.0.0.1:5900 <http://127.0.0.1:5900> would > prevent legitimate, > SSH-tunneled VNC connections). > > cheers, > Scott > > On Wed, 1 Jun 2005, James Weatherall wrote: > > > Scott & Lee, > > > > Blacklisting prevents individual hosts from being used to dictionary > attack > > a VNC Server. It's a security feature and disabling it is A Bad Thing. > > > > Regards, > > > > Wez @ RealVNC Ltd. > > > > > >> -----Original Message----- > >> From: [EMAIL PROTECTED] > >> [mailto:[EMAIL PROTECTED] On Behalf Of Scott C. Best > >> Sent: 01 June 2005 17:33 > >> To: [email protected] > >> Cc: [EMAIL PROTECTED] > >> Subject: Re: Blacklisted IP address > >> > >> Lee: > >> > >> Heya. Blacklisting only happens if a client tries > >> and fails to connect repeatedly -- it seems to be about > >> 5 times in a 10 second interval (empirical data, here; > >> I'm not actually sure what the "interval" for failures > >> is). Once blacklisting is triggered, it takes the > >> "BlacklistTimeout" number of seconds until the server will > >> again accept connections from that IP address. > >> > >> To effectively disable this feature, you can set > >> the "BlacklistTimeout" registry key in ../WinVNC4 to "0". > >> But...your email suggests that an IP address is being > >> "blocked", so maybe it's really an AuthHosts problem, not > >> a blacklisting one? > >> > >> Along these lines...I'm not sure I see the point > >> of blacklisting the loopback interface. That's like making > >> sure the front door is securely locked after the bad guys > >> are already in the house. :) > >> > >> -Scott > >> > >>> Does anyone know how to unblacklist an IP address that is > >>> being blocked. _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
