Full Disclosure mailing list archives
Re: VNC viewers: Clipboard of host automatically sent to remote machine
From: coderman <coderman () gmail com>
Date: Tue, 24 Jan 2012 21:31:46 -0800
On Tue, Jan 24, 2012 at 6:45 PM, Ben Bucksch <news () bucksch org> wrote:
... "The VNC protocol (RFB) is very simple, based on one graphic primitive from server to client ('Put a rectangle of pixel data at the specified X,Y position') and event messages from client to server."
what Dan was trying to point out to you was the vast difference in attack surface between an IP KVM and the VNC protocol and architecture. IP KVM: keyboard, video, mouse interface to physical ports. dumb dumb dumb. VNC: not so simple full of bugs year after year privileged service running on host hooking into various OS facilities and exposing all sorts of vulnerabilities between server and client. sma^H^H^H^H stupid stupid stupid (from a security perspective) if you believe these present *precisely* the same risk profile, well... can i have some of what you're smoking? On Tue, Jan 24, 2012 at 6:34 PM, Ben Bucksch <news () bucksch org> wrote:
On 25.01.2012 02:05, coderman wrote:you keep using that word. i do not think it means what you think it means...Where else did I use that word? And what does it mean, in your understanding, that differs from my usage? I checked the dict and it seems fine.
let me spell it out: your precise equivalency between a KVM device and a VNC service is neither accurate nor correct. http://www.youtube.com/watch?v=OHVjs4aobqs _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: VNC viewers: Clipboard of host automatically sent to remote machine, (continued)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Giles Coochey (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Ben Bucksch (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Giles Coochey (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Ben Bucksch (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Giles Coochey (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Ben Bucksch (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Nick FitzGerald (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Dan Kaminsky (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Ben Bucksch (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Henri Salo (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Ben Bucksch (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine coderman (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Valdis . Kletnieks (Jan 24)
- Message not available
- Re: VNC viewers: Clipboard of host automatically sent to remote machine coderman (Jan 25)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Gage Bystrom (Jan 25)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Carlos Pantelides (Jan 25)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Giles Coochey (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Dan Yefimov (Jan 25)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine GloW - XD (Jan 25)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine GloW - XD (Jan 25)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine coderman (Jan 24)
- Re: VNC viewers: Clipboard of host automatically sent to remote machine Mario Vilas (Jan 25)