Security Basics mailing list archives

RE: RealVNC Security

From: "Johnson, Kevin" <kfj () pitt edu>
Date: Tue, 15 Feb 2005 14:04:55 -0500

Tunneling VNC over SSH is definitely a great move, but it sounds like
your problems go a little deeper. The best and first move when you build
a machine like this is to harden it like crazy, especially if it's going
to be world accessible. Here's a few links that can give some help with
that:

http://csrc.nist.gov/pcig/cig.html

http://www.nsa.gov/snac/index.cfm?MenuID=scg10.3.1 

These are a couple of great guides for hardening machines. Also, check
out http://www.blackviper.com/. The cornerstone of hardening a machine
is disabling unnecessary services. The Black Viper site has some really
good info on the services you need and the services you don't. 

One last suggestion, use a file integrity monitor. GFI has a freeware
one and there's a pretty cool perl script out there called fcheck. 

Kevin Johnson, CISSP
Senior InfoSec Analyst
CSSD Security Group
University of Pittsburgh

-----Original Message-----
From: Michael Sztachanski
[mailto:michael.sztachanski () cadretechnology com au] 
Sent: Monday, February 14, 2005 19:12
To: Adam Kane
Cc: security-basics () securityfocus com
Subject: Re: RealVNC Security

Use VNC over SSH (putty)

http://studweb.studserv.uni-stuttgart.de/studweb/users/etk/etk45567/vnco
verssh.html
http://www.shebeen.com/vnc_ssh/

or 

goto 

http://www.realvnc.com/download.html

There is a new enterprise addition with this inbuilt.


regards

Michael

-----
Michael Sztachanski
Enterprise Web Applications/Systems Engineer

Enterprise Web Services
FLIGHTCENTRE TECHNOLOGY
(A Division of Flight Centre Ltd)
Level 1, 157 Ann Street, BRISBANE QLD 4000

Phone: +61 (0)7 3011 7151
Fax: +61 (0)7 3001 7788

---------------------------------------------------------------------- 

           __-----_.                        ______
          /  \      \           o  O  O   _(      )__
         /    |  |   \_---_   o._.      _(           )_
        |     |            \   | |""""(_   Let's see... )
        |     |             |@ | |    (_               _)
         \___/   ___       /   | |      (__          _)
           \____(____\___/     | |         (________)
           |__|                | |          |
           /   \-_             | |         |'
         /      \_ "__ _       !_!--v---v--"
        /         "|  |>)      |""""""""|
       |          _|  | ._--""||        |
       _\_____________|_|_____||________|_
      /                                   \

Current thread:

RealVNC Security Adam Kane (Feb 14)
- Re: RealVNC Security Michael Sztachanski (Feb 14)
  - Re: RealVNC Security Adam Kane (Feb 15)
    - Re: RealVNC Security Michael Sztachanski (Feb 15)
- Re: RealVNC Security Alexander Klimov (Feb 17)
- <Possible follow-ups>
- RE: RealVNC Security Johnson, Kevin (Feb 15)
- RE: RealVNC Security Johnson, Kevin (Feb 15)