On Tue Sep 26, 2006 at 07:02:53AM -0700, Ritu Sinha wrote:
> I have VNC server 4.1.2 installed on a remote machine running XP. I
> have used it for a few months and it has worked great. But recently,
> whenever I connect to this machine using the VNC Client, after
> sometime, it seems like someone else sneaks in and starts running the
> command prompt. I have to kill the VNC server to stop any damages. One
> time, I stayed on long enough to see that an "ftp" command was getting
> typed on the command prompt. I have set up the server with password
> authentication.
>
> Has anyone else seen this behavior? Any help or pointers will be
> greatly appreciated.
>
> --Ritu
>
Firstly I'd make sure that it is definitely 4.1.2 you've got installed
and not an earlier version (with the security flaw). Secondly, are you
certain it's a remote user and not a local one? You should be
able to see the history of any connections in the Windows system logs.
If it is a remote user (or a pre 4.1.2 server) then I'd recommend a
reinstall of XP, or at least a full system check and change of all
passwords.
Note also that standard VNC is not really secure for use over a public
network - while the VNC password is not sent in the clear, all other
traffic is sent unencrypted and is therefore open to snooping. If
you're needing to connect in this manner then I'd recommend either one
of the commercial variants of RealVNC (with built-in encryption), or
tunneling over an encrypted link (e.g. VPN, ssh, zebedee).
Cheers,
Robin
--
___
( ' } | Robin Hill <[EMAIL PROTECTED]> |
/ / ) | Little Jim says .... |
// !! | "He fallen in de water !!" |
[demime 1.01d removed an attachment of type application/pgp-signature]
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
