PROTECTED] On
Behalf Of David Balazic
Sent: Wednesday, September 01, 2004 8:03 AM
To: William Hooper; [EMAIL PROTECTED]; 'Alex K. Angelopoulos'
Subject: RE: DoS attack VNC 4.0
> --
> From: [EMAIL PROTECTED]:[EMAIL PROTECTED]
> on behalf of Alex K. Angelopoulos[SMTP:[EMAI
> --
> From: [EMAIL PROTECTED]:[EMAIL PROTECTED]
> on behalf of Alex K. Angelopoulos[SMTP:[EMAIL PROTECTED]
> Sent: 31. avgust 2004 21:47
> To: William Hooper; [EMAIL PROTECTED]
> Subject: Re: DoS attack VNC 4.0
>
> William Hooper
William Hooper wrote:
I disagree. Encryption is something best left to programs that
specialize in encryption. Why try to maintain your own codebase when
there are other secure codebases out there that are easy to set up?
Not to mention the ability to choose the one that best fits your needs
(SSH
Kenton White said:
> In your message dated Tue, 31 Aug 2004 13:33:24 -0400 (EDT), William
> said...
>
>> I don't think anyway has gotten turned away asking how to set up an
>> encrypted tunnel on this list.
>
> In practical steps, how does one set up an encrypted tunnel on two
> Windows
> XP machin
In your message dated Tue, 31 Aug 2004 13:33:24 -0400 (EDT), William said...
> I don't think anyway has gotten turned away asking how to set up an
> encrypted tunnel on this list.
In practical steps, how does one set up an encrypted tunnel on two Windows
XP machines connected over the Internet bo
Mike Miller said:
[snip]
>> I disagree. Encryption is something best left to programs that
>> specialize in encryption. Why try to maintain your own codebase when
>> there are other secure codebases out there that are easy to set up?
>
> Because "people will choose convenience over security no ma
On Tue, 31 Aug 2004, James Weatherall wrote:
The DoS attack only affects VNC Server for Windows - you shouldn't
therefore lose data as a consequence of an attack.
There is no need to set up a firewall, only to use the LocalHost option
to restrict connections to those originating from the local m
C Ltd.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Mike Miller
> Sent: 31 August 2004 16:10
> To: William Hooper
> Cc: VNC List
> Subject: Re: DoS attack VNC 4.0
>
>
> On Tue, 31 Aug 2004, William Hooper wrote:
>
> &g
On Tue, 31 Aug 2004, William Hooper wrote:
People will choose convenience over security no matter what you do.
It will be better, of course, to work SSH into the VNC product
I disagree. Encryption is something best left to programs that
specialize in encryption. Why try to maintain your own code
Mike Miller said:
> On Tue, 31 Aug 2004, William Hooper wrote:
>
>
>> Mike Miller said:
>> [snip]
>>
>>> I'm not understanding this. Take Linux for example - suppose I use
>>> SSH
>>> port forwarding, but VNC is still there on port 5901.
>>
>> Port 5901 is firewalled off from everything but localh
On Tue, 31 Aug 2004, William Hooper wrote:
Mike Miller said:
[snip]
I'm not understanding this. Take Linux for example - suppose I use SSH
port forwarding, but VNC is still there on port 5901.
Port 5901 is firewalled off from everything but localhost. The only way
to cause the issue then is to b
On Tue, 31 Aug 2004, James Weatherall wrote:
The upcoming VNC Server Enterprise Edition (
http://www.realvnc.com/products/enterprise/ ) includes protection from
this and a class of similar but more advanced attacks. This protection
will also be included in the next VNC Server 4 GPL release.
I
Don't know which kind of VNC server is started on your flavor of linux .
I guess that it's started by inetd with "wait" option .
I think it needs the "-localhost" option in your case , and the SSH server
tunneling to localhost port 5900 to 59++
"An typical example in inetd.conf might be (all on one
ded in the next VNC Server 4 GPL release.
Cheers,
Wez @ RealVNC Ltd.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of B Kwok
> Sent: 25 August 2004 23:48
> To: [EMAIL PROTECTED]
> Subject: DoS attack VNC 4.0
>
> Want to verify
Mike Miller said:
[snip]
> I'm not understanding this. Take Linux for example - suppose I use SSH
> port forwarding, but VNC is still there on port 5901.
Port 5901 is firewalled off from everything but localhost. The only way
to cause the issue then is to be a local user.
Of course, since you h
On Tue, 31 Aug 2004, Ran Sasson wrote:
As said numerous times before (along the years of VNC..) :
http://www.uk.research.att.com/archive/vnc/sshvnc.html
http://www.realvnc.com/swish-e/search/vnc-list?pos=0&action=search&query=SSH
http://www.realvnc.com/swish-e/search/vnc-list?pos=0&action=search&qu
d anyway) in the tunneling connection.
Good to know though.
Ran Sasson @ I.O. Ltd.
- Original Message -
From: "Mike Miller" <[EMAIL PROTECTED]>
To: "VNC List" <[EMAIL PROTECTED]>
Sent: Monday, August 30, 2004 11:18 PM
Subject: Re: DoS attack VNC 4.0
> On We
On Wed Aug 25 23:49:00 2004, b kwok wrote:
Want to verify and confirm if this attack sucess by sending more than 60
connections request to VNC server on windows platforms, any fix for that?
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1068.html
I hope this will be fixed soon. I
Want to verify and confirm if this attack sucess by sending more than 60
connections request to VNC server on windows platforms, any fix for that?
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1068.html
___
VNC-List mailing list
[EMAIL P
19 matches
Mail list logo