http://people.we.mediaone.net/ddyer/znc/zvnc.html
On Monday, 11 February 2002, you wrote: > Hello ... > sorry for earwigging > But where do I get Zvnc from......? > Andrewc > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Harris > Sent: 11 February 2002 10:47 > To: [EMAIL PROTECTED] > Subject: Re: Who is connceted > Hi there, >>>> I have dsl. I am running win98, and when I came home I found someone >>> > connected to my pc via winvnc. Is there a log file I can look at to >>> > see > There is a log file, but it will only be there if you had that option > turned on. It's also deleted if you stop and restart the service.....so, > if you've rebooted your PC since the attack, that's a non-starter. > Also, the IP address of the attacker is likely to be dynamic - if they > are on dial- up and if they are behind a firewall, you are unlikely to > be able to trace their identity. It's not impossible, but very > difficult. > I don't want to tell you how to operate you computer, but VNC - like any > computer program or OS, can be abused. What makes it easy for you to > remote control your home PC, also makes it easy for Joe Hacker. > There's a couple of things you can do - sorry if this is a bit of a > lecture, I've no idea what level of PC knowledge you have. > 1) Set VNC to only allow connections from a set range of IP addresses. > So, if you work / college / mate's computers always connect on range > 202.192.64.x - then set VNC to ignore everyone else. This still isn't > perfect as someone from that range of IP addresses could still attack > your PC. > 2) Put in a firewall - like ZoneAlarm or Norton Personal Firewall. > That's okay to a point - but it isn't going to solve your VNC connection > worries. (it will help stop people attacking or sweeping your PC for > vunerabilities though). > 3) Run zVNC instead of VNC. Zvnc has built in compression/encryption and > listens on port 6000 - as opposed to 5800 and 5900 which are the default > VNC ports. Put a complicated alphanumeric password in - something like > "3Atmy5h0rt5" - it makes brute force attacks much harder. > 4) Go for something like Stunnel on both your home PC and the computer > you want to connect from. With stunnel you can set up secure tunnels > between computer systems and by making VNC only accept local loopback > connections - an intruder would have to crack your tunnel settings > (difficult!!) before he could get to VNC. Stunnel would help prevent > attacks to VNC, but your W98 shares are still likely to be visable. > 5) By far the easiest option - at least in my experience - would be to > use something like Freesco or another linux router. These take care of > 99.9% of your security problems on DSL / cable. You can even set up > secure tunnels or have port forwarding on the router (although that's a bit > risky!) As it's unix, you only need an old 486 / old pentium and two > network > cards. > I've set a few up now and they are easy to do. One of the guys I did it > for isn't an IT wiz and he finds it easy to operate. > I hope that helps! > Later, > Richard > "Service, price , quality: pick any two." > --------------------------------------------------------------------- > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > --------------------------------------------------------------------- > --------------------------------------------------------------------- > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
