Security Basics mailing list archives
Re: vnc server
From: "Robert J. Stull" <Stull_Robert_J () cat com>
Date: Tue, 24 Jan 2006 09:29:42 -0500
I strongly discourage VNC, it's not very secure unless you plan on tunneling it through ssh. If you can, your better off using remote desktop, but if that for some reason doesn't work for you, then I would suggest you look into Simple Desktop: http://www.moogsoftware.com/pc%20remote%20control.html Their site looks nasty, but their Simple Desktop program is rather secure since you can choose from several different types of encryption protocols with up to 576 bits. The program is freeware, and you can run it in a browser like you can VNC. I have it running on a few computers that I needed an actual terminal screen on, and so far I haven't had any problems with it. R. James Stull Network Administrator Caterpillar, Lafayette Engine Center "Jared Lyvers" <jared@lewiscommu nications.com> To 01/22/2006 10:08 To PM security-basics () securityfocus com cc Please respond to jared@lewiscommun ications.com Subject vnc server Caterpillar: Confidential Green Retain Until: 02/22/2006 Retention Category: G90 - General Matters/Administration First off, sorry Simon. I ment to send this to the list but sent it to only you instead. Now, on to my real question. I'm looking to use VNC on my windows machine for remote logins. Currently I only have the following open ports: 25/tcp open smtp 80/tcp open http 113/tcp closed auth 1352/tcp open lotusnotes 5902/tcp open vnc-2 5903/tcp open vnc-3 8080/tcp open http-proxy Are there any security problems that I may be over looking by using VNC on my machine? Regards, JL -- // Jared Lyvers // ----------------------- // Director of Interactive // Director of IT // LPI Certified // ----------------------- // www.lewiscommunications.com --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: readnotify.com, (continued)
- Re: readnotify.com Jim Halfpenny (Jan 26)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 26)
- Re: readnotify.com Saqib Ali (Jan 27)
- RE: www.readnotify.com Ebeling, Jr., Herman Frederick (Jan 27)
- Re: readnotify.com Ansgar -59cobalt- Wiechers (Jan 27)
- Re: readnotify.com Jim Halfpenny (Jan 26)
- RE: readnotify.com HTRegz (Jan 26)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 26)
- Re: vnc server Scott C. Best (Jan 26)