Security Basics mailing list archives
RE: RealVNC Security
From: "Johnson, Kevin" <kfj () pitt edu>
Date: Tue, 15 Feb 2005 14:04:55 -0500
Tunneling VNC over SSH is definitely a great move, but it sounds like your problems go a little deeper. The best and first move when you build a machine like this is to harden it like crazy, especially if it's going to be world accessible. Here's a few links that can give some help with that: http://csrc.nist.gov/pcig/cig.html http://www.nsa.gov/snac/index.cfm?MenuID=scg10.3.1 These are a couple of great guides for hardening machines. Also, check out http://www.blackviper.com/. The cornerstone of hardening a machine is disabling unnecessary services. The Black Viper site has some really good info on the services you need and the services you don't. One last suggestion, use a file integrity monitor. GFI has a freeware one and there's a pretty cool perl script out there called fcheck. Kevin Johnson, CISSP Senior InfoSec Analyst CSSD Security Group University of Pittsburgh -----Original Message----- From: Michael Sztachanski [mailto:michael.sztachanski () cadretechnology com au] Sent: Monday, February 14, 2005 19:12 To: Adam Kane Cc: security-basics () securityfocus com Subject: Re: RealVNC Security Use VNC over SSH (putty) http://studweb.studserv.uni-stuttgart.de/studweb/users/etk/etk45567/vnco verssh.html http://www.shebeen.com/vnc_ssh/ or goto http://www.realvnc.com/download.html There is a new enterprise addition with this inbuilt. regards Michael ----- Michael Sztachanski Enterprise Web Applications/Systems Engineer Enterprise Web Services FLIGHTCENTRE TECHNOLOGY (A Division of Flight Centre Ltd) Level 1, 157 Ann Street, BRISBANE QLD 4000 Phone: +61 (0)7 3011 7151 Fax: +61 (0)7 3001 7788 ---------------------------------------------------------------------- __-----_. ______ / \ \ o O O _( )__ / | | \_---_ o._. _( )_ | | \ | |""""(_ Let's see... ) | | |@ | | (_ _) \___/ ___ / | | (__ _) \____(____\___/ | | (________) |__| | | | / \-_ | | |' / \_ "__ _ !_!--v---v--" / "| |>) |""""""""| | _| | ._--""|| | _\_____________|_|_____||________|_ / \
Current thread:
- RealVNC Security Adam Kane (Feb 14)
- Re: RealVNC Security Michael Sztachanski (Feb 14)
- Re: RealVNC Security Adam Kane (Feb 15)
- Re: RealVNC Security Michael Sztachanski (Feb 15)
- Re: RealVNC Security Adam Kane (Feb 15)
- Re: RealVNC Security Alexander Klimov (Feb 17)
- <Possible follow-ups>
- RE: RealVNC Security Johnson, Kevin (Feb 15)
- RE: RealVNC Security Johnson, Kevin (Feb 15)
- Re: RealVNC Security Michael Sztachanski (Feb 14)