Security Basics mailing list archives
RE: VNC
From: "Spencer D'oro" <sbdoro () attbi com>
Date: Wed, 5 Feb 2003 08:35:12 -0800
As an IT "out-source" Contractor, I sometimes find it necessary to set up remote capabilities, for those clients who aren't easily accesible in a convenient time frame. I use a program called Remote Administrator (RAdmin). I like this app because it can be set with access by password or authentication through Windows NT/2000 security (which I find to be very important). The service is easily configurable (port, connect through host). It uses 128-bit security and has an IP-filter option. It has several different modes of connectivity (full control, file transfer, command-line interface, etc). So I don't sound like a rep for the company, let me list some weaknesses. Works only on Windows and you must use Dial-Up networking to establish a connection if you want to use it with a modem. Also, you can only use one of the remote-control features per connection at a time. Other than that I have found the app very satisfactory. Spencer -----Original Message----- From: Trevor Cushen [mailto:Trevor.Cushen () sysnet ie] Sent: Friday, January 31, 2003 9:19 AM To: security-basics () securityfocus com Subject: RE: VNC Further Chris Berrys suggestion is the use of stunnel or tightvnc www.tightvnc.com www.stunnel.org Hope this helps Trevor Cushen Sysnet Ltd www.sysnet.ie Tel: +353 1 2983000 Fax: +353 1 2960499 -----Original Message----- From: Chris Berry [mailto:compjma () hotmail com] Sent: 30 January 2003 01:46 To: security-basics () securityfocus com Subject: Re: VNC
From: Marty <marti () videotron ca> I remember inquiring last year about VNC as a network remote control solution. Sincere thanks to all those that answered. We stopped the VNC
implementation after reading about all the risks related to the product. Our tech people are coming back and charging... again. My question is simple is the latest version of VNC better than the previous ones and should we allow our tech group to use it to take control of our machines (servers and workstations)...
VNC is great, but doesn't have built in encryption, however you can pipe it through ssh and if you're real paranoid run that through a vpn, then everything is kosher. See their homepage for ssh instructions. Chris Berry compjma () hotmail com Systems Administrator JM Associates "For Sys Admins paranoia isn't a mental health problem, its a marketable job skill." _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus **************************************************************************** ********** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this message in error please notify SYSNET Ltd., at telephone no: +353-1-2983000 or postmaster () sysnet ie **************************************************************************** ********** --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.445 / Virus Database: 250 - Release Date: 1/21/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.445 / Virus Database: 250 - Release Date: 1/21/2003