1. Does VNC have an audit trail to log a VNC users remote control
activity ?
No. You can track login attempts but nothing else.
2. Can a VNC user disable the need for the receiving computer to have
to allow the caller access. That is can the caller take remote control
of a computer without the users permission ?
If the prompt on the server disabled, remote user can login without any
confirmation from the server user. If the prompt is enabled server user
must confirm the session. If remote user knows windows/unix root
password he can reconfigure vnc remotely using remote registry editing
or file editing on unix and change vnc server settings.
3. Are there any security risks with VNC that I should be aware of ?
Tons! It has any and all security risks associated with giving remote
user full control over your computer. It is roughly the same as allowing
telnet connections to the machine and less secure than say allowing ssh
connections. If you want to open vnc sessions over the Internet you
should probably secure them with some sort of vpn or similar technology.
Ssh should also work.
If you purchase personal or ee of vnc, it will provide encryption and
stronger authentication then free edition. Although I cant tell you how
secure they are. I use VNC ee but only for the mirror driver features. I
use vpn to secure my connections.
Alex
_______________________________________________
VNC-List mailing list
[email protected]
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list
