vnc and security (and efficiency)
pin "at" math.chalmers.se
Wed, 04 Mar 1998 16:12:00 +0000
Just an idea. I do not volunteer to make anything :)
Skip the rest if you want to.
Challenge authentication protocol sounds good.
Ssh may provide additional security by encrypting all conversations.
What I would like to see is a capability to run vnc server so that it
accepts _local_ connections only, preferably unix sockets when it concerns
a unix server.
If you use ssh you don't want any remote connections anyway.
Why listen on tcp and expose yourself to additional attack scenarios?
This sounds as a proposal for ssh modification, too - to make
Bonus - local (non-tcp) sockets may be more efficient.
Doesn't seem to be hard to implement. Or?
Ivan Popov <pin "at" math.chalmers.se>
Systemman, Driftavdelningen, Matematiska institutionen, Chalmers TH