Hi David, For starters, I'm truly astonished that your security auditors would play with you like that and not offer you a satisfactory solution to the security hole that they compromised your production machine with! It sounds like it's time to look for new security auditors.
It sounds like they gained enough access to your system to start the WinVNC service. That would be a good place to start. Set the folder that winvnc(4).exe resides in as to only allow administrators access to the files. If they still get it to run then you have bigger security issues than VNC. - Steve Bostedor http://www.vncscan.com More than just a VNC manager... -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David McSpadden Sent: Wednesday, August 24, 2005 8:57 AM To: James Weatherall Cc: [email protected] Subject: Securing TightVNC Ok, So I thought I had it. I set the VNC Server to manual in services and then I have a batch file to start the service whenever I need to go into a workstation. This way the user knows I am in and I know the service is off. Well my security auditors are here and they were just happier than anything to be playing on my production box. Adding users, locking me out, you know embrassing me.... How can I lock this down tighter?? _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
