We have turned off all our VNC servers and turn it on only on a need basis. I still have to take a look at the connection logs ... I'll do that and let you know if I find anything. I believe I need to check the application logs in event viewer.
--ritu "Beauford, Jason" <[EMAIL PROTECTED]> wrote: Anytime this happens, my first reaction would be to unplug the network cable, backup my data and REFORMAT. You can no longer guarantee the integrity of the system. Your box has been owned. There have been a lot of these messages popping up on this list recently and from the looks of it, these people are not running the exploitable 4.1.1 version. There may be a zero day in the works or some other exploit (http://www.google.com/search?hl=en&q=vnc+server+exploit&btnG=Google+Sea rch). Either way, I highly recommend removing public facing VNC Servers. Supplement with some other solution such as Hamachi or another 'VPN' solution. My $.02 JMB --------------------------------- Want to be your own boss? Learn how on Yahoo! Small Business. _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
