VNC 3.3.1: passwords and security

Lionel Cons Lionel.Cons "at" cern.ch
Fri, 06 Mar 1998 08:20:42 +0000


Charles Karney <karney "at" pppl.gov> writes:
> 
> Two comments about passwords and security:
> [...]

IMHO, VNC has several security problems, not only with password
handling. Just two out of my mind:

1 - the traffic is sent in clear and does not even have a sequence
    number (like in X): it's easy to sniff a session (e.g. record
    all the keys typed) or even hijack it

2 - the UNIX Xvnc is protected by a random "cookie" made of
	srand(time+$$);
	$cookie = "";
	for (1..16) {
	    $cookie .= sprintf("%02x", int(rand(256)));
	}
    the ps command will happily give you all the info you need to
    find this "secret" key...

One (ORL?) has to decide from the start if VNC supposed to be secure
or not. If yes, we should do a complete audit to find all the
weaknesses and fix them. If not, we should make sure that using VNC
with SSH, tcp_wrappers... is easy and secure.

________________________________________________________
Lionel Cons        http://wwwinfo.cern.ch/~cons
CERN               http://www.cern.ch
-
Life can be only understood backwards, but it must be lived forwards.