Dave, Do you make it harder for the NT users to retrieve or set the password key from the registry? The password key should be System:FullControl, Administrators:Full Control (and that's it).
Lots of boxes do not have local or remote registry permissions, allowing VNC to be hijacked from the local LAN. Andrew -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dave Dyer Sent: Tuesday, 15 January 2002 1:49 PM To: [EMAIL PROTECTED] Subject: Insecure VNC through corporate firewalls Just a reminder to those concerned about the inherent insecurity of VNC protocols ( and those who would recommend tunneling with SSH ) I've produced a version of VNCViewer and WinVNC which automatically use a secure connection. I've got lots of users and no complaints: http://people.we.mediaone.net/ddyer/znc/zvnc.html --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
