FW: [SA-list] Problem with SA and W3K/Terminal Server Service

[Jason Passow]

“with VNC  the password for connection is transmitted encrytet, the normal network traffic for the session is send in cleartext over the nework. And normally, when the VNC-Server is running on a maschine, they use a weak pw like admin or something else. So if you get an internal Audit, they will probably sniff the network............. “   I encourage youa gain to check out [EMAIL PROTECTED] at http://ultravnc.sourceforge.net/ with the encryption plug in available at http://home.comcast.net/%7Emsrc4plugin/.   All traffic including the password is encrypted and [EMAIL PROTECTED] has built in support for MS logon.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, February 16, 2004 3:59 AM To: [EMAIL PROTECTED] Subject: RE: [SA-list] Problem with SA and W3K/Terminal Server Service   Hi Terry, with VNC  the password for connection is transmitted encrytet, the normal network traffic for the session is send in cleartext over the nework. And normally, when the VNC-Server is running on a maschine, they use a weak pw like admin or something else. So if you get an internal Audit, they will probably sniff the network............. You can make VNC more secure using ssh (read here : http://www.uk.research.att.com/archive/vnc/sshvnc.html ), but i never tried this. So no experience for this. With pcAnywhere you can set encrytion for session and logon only possible using accounts from Local Administration Group and/or  net work/domain group. so without a valid login you have no access to the pcAnywhere session or the Server. as we have had an audit last year, they had no problems with pcAnywhere and mentioned settings , but they searched the whole network for running VNC-Servers or Sessions and tried to hack.............. I'm clearly no friend of such products (pcAnywhere and VNC), cause they have their own problems too and sometimes their own securitywholes on board. but better using such a product than pending the whole day during datacenter and desk or have my desk in the datacenter. only my experience i have made in the past with audit's and VNC / pcAnywhere.................. Roland