Firewall Wizards mailing list archives

RE: Using RDP Port 3389

From: "Josh Welch" <jwelch () buffalowildwings com>
Date: Wed, 21 Apr 2004 08:29:35 -0500

Melson, Paul said:

Actually, I think that VNC could be worse than Terminal Services from a
security point of view.  First, its logging is awful.  Second, it can
only be secured by a single password.  Since everyone allowed to use VNC
would know the same password, this doesn't meet the standard for
authentication.  Third, it gives the remote user the console.  If left
logged in, the only thing between a malicious user and eavesdropping or
major destruction is a single password that can't be locked-on-failure,
so it *can* be brute-forced.

There may not be any 0d4y-spl01tz for VNC at the moment, but IMHO, it
suffers from some design flaws that make it less than secure.

That said, I use VNC with my systems at home.  But this traffic is
always tunneled via SSH across the Internet.

PaulM


This is getting to be somewhat OT, but FWIW UltraVNC can be configured to
use Windows logon information, but it seems to be rather slow authenticating
in that scenario.

Thanks,
Josh

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Using RDP Port 3389 woodse (Apr 08)
- <Possible follow-ups>
- RE: Using RDP Port 3389 Melson, Paul (Apr 16)
  - RE: Using RDP Port 3389 Chuck Vose (Apr 20)
- RE: Using RDP Port 3389 Melson, Paul (Apr 21)
  - RE: Using RDP Port 3389 Chuck Vose (Apr 21)
    - RE: Using RDP Port 3389 R. DuFresne (Apr 22)
  - RE: Using RDP Port 3389 Josh Welch (Apr 22)
  - RE: Using RDP Port 3389 Spencer D'oro (Apr 22)
- RE: Using RDP Port 3389 Justin C. Laporte (Apr 27)
- RE: Using RDP Port 3389 Melson, Paul (Apr 27)
  - Security through Obscurity [was RE: Using RDP Port 3389] Gwendolynn ferch Elydyr (Apr 27)
    - Re: Security through Obscurity [was RE: Using RDP Port 3389] Elizabeth Zwicky (Apr 28)