The following smells like a bug to me. Please advise if you
agree. Also note the question below.
I hit the "too many security failures" situation trying to remotely
access a system with problems. OK, I understand the blacklist,
timeout and recovery implementation from other postings to this
list. But a strange thing happens when I try to connect again: I get
an apparent connection (post-timeout), it asks for the password, and
immediately switches to the "Do you want to try again" message along
with the "Too many security failures" message.
Now, initially, I was interpreting this as meaning that I was getting
a connection but I was still failing the authentication. It happened
on three different computers on my home network, though one was a
virtual computer running W2K under VMWare. However, when I dialed
into the Internet and tried a connection I got "unable to connect to
host: connection timed out (10060)". The same thing happened when I
took my laptop to work and used my connection there. And finally, my
(remote) son attempted the same connection with the same results.
I am still struggling to get the remote system correctly operating
(it appears to have a problem unrelated to VNC), so until I am able
to clear this I don't have a definitive case.
However, my interpretation of what I am seeing is as follows:
1. When attempting to connect from the blacklisted IP address, the
Viewer misses the connection time-out failure and proceeds as if it
had a successful connection.
2. When attempting to authenticate against the apparently successful
connection (that was nonetheless unsuccessful), it gets a timeout
failure and treats that event as if the password were incorrect,
re-blacklisting the IP address.
3. When I can connect from another IP address, the networked IP
address will successfully connect and clear the blacklist.
Do you agree?
Question: where is the authentication blacklisting occurring? I
assumed that it should be happening at the remote system, but that
would appear to be contrary to the observation that I cannot get a
connect from 3 IP addresses that have not been blacklisted.
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
