Security Basics mailing list archives

Re: vnc server

From: Philippe De Ryck <philippe.de.ryck () skynet be>
Date: Tue, 24 Jan 2006 00:38:51 +0100

Jared,

Maybe not a VNC-solution, but based on the open ports I'm guessing
you're running some kind of server version of Windows. Since Windows
2000 there is Remote Desktop included, which works in a VNC-kind of way.
The difference is however with RDP (Remote Desktop Protocol) you have a
total separate login (you don't just take over the current screen). As
far as I know, RDP is quite secure and I think it's fast too. I use it
and I can not complain about it.

There even is a linux-client available (just as for VNC) that works just
fine (I have some trouble with the keymaps, but that's because I have a
Dutch Windows which is crap :)).

If you use VNC from Windows -> Windows, you might want to take a look at
ultraVNC (on sourceforge). UltraVNC supports windows-authentication
(which requires the UltraVNC-client if I'm not mistaken). UltraVNC also
supports normal password authentication, which can be used with any
VNC-client.

Good luck

Philippe De Ryck

On Sun, 2006-01-22 at 21:08 -0600, Jared Lyvers wrote:

First off, sorry Simon.  I ment to send this to the list but sent it to
only you instead.

Now, on to my real question.

I'm looking to use VNC on my windows machine for remote logins.  Currently
I only have the following open ports:

25/tcp   open   smtp
80/tcp   open   http
113/tcp  closed auth
1352/tcp open   lotusnotes
5902/tcp open   vnc-2
5903/tcp open   vnc-3
8080/tcp open   http-proxy

Are there any security problems that I may be over looking by using VNC on
my machine?

Regards,

JL



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

vnc server Jared Lyvers (Jan 23)
- Mobile VLAN Gabriel Orozco (Jan 24)
  - Re: Mobile VLAN Bernardo Wernesback (Jan 25)
    - Re: Mobile VLAN Rodrigo Blanco (Jan 26)
- RE: vnc server Brent P. Gardner (Jan 24)
- Re: vnc server Philippe De Ryck (Jan 24)
- readnotify.com Ebeling, Jr., Herman Frederick (Jan 24)
  - Re: readnotify.com Ansgar -59cobalt- Wiechers (Jan 25)
    - Re: readnotify.com Saqib Ali (Jan 26)
    - Message not available
    - Re: www.readnotify.com Saqib Ali (Jan 27)
    - RE: www.readnotify.com Ebeling, Jr., Herman Frederick (Jan 27)
  - Re: readnotify.com Thierry Zoller (Jan 26)
    - RE: www.readnotify.com Ebeling, Jr., Herman Frederick (Jan 27)
  - Re: readnotify.com Larry Offley (Jan 26)
    - RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 25)
    - RE: readnotify.com evb (Jan 25)

(Thread continues...)