RE : VNC

[Marty <marti () videotron ca>]

It was due mostly to flaws within the software.


Read more about it here : http://www.sans.org/rr/win/VNC2.php

---
Marty!

******************************************

-----Message d'origine-----
De : Jason Dixon [mailto:jasondixon () myrealbox com] 
Envoyé : 29 janvier, 2003 19:53
À : Marty
Cc : security-basics () securityfocus com
Objet : Re: VNC


On Wed, 2003-01-29 at 13:08, Marty wrote:
> Hi,
>
> I remember inquiring last year about VNC as a network remote control 
> solution. Sincere thanks to all those that answered. We stopped the 
> VNC implementation after reading about all the risks related to the 
> product.
>
>
> Our tech people are coming back and charging... again.
>
> My question is simple is the latest version of VNC better than the 
> previous ones and should we allow our tech group to use it to take 
> control of our machines (servers and workstations)...

How is it a security risk when you tunnel it via SSH (pre-shared keys,
of course)?

-J.