Security...
Alex K. Angelopoulos
alex "at" bittnet.com
Mon Jun 3 06:49:01 2002
Speaking of this, I thought there was an increasing timeout implemented in the
server for successive bad password attempts? I just tried checking this in real
time and found that there was no noticeable delay when I tried about 4
successive "bad" passwords against a Windows TightVNC 1.23 server.
----- Original Message -----
From: "Dave Warren" <maillist "at" devilsplayground.net>
To: <vnc-list "at" realvnc.com>
Sent: Sunday, 2002-06-02 23:52
Subject: Re: Security...
> Shing-Fat Fred Ma wrote:
> > In this situation, it would be very desirable
> > to have the server act unfriendly towards
> > password failures, thereby making it less
> > necessary to use -localhost, thereby
> > making it unnecessary to use ssh to connect.
>
> Another option, set up a secure interface to a software firewall (Or
> hardware firewall, if you can afford it), browser based SSL, and use that to
> unlock VNC as needed.
>
> The VNC session itself is still unencrypted, but at least it's access
> secured.
>
>
> --
> The nice thing about standards, there is enough for everyone to have their
own.
> _______________________________________________
> VNC-List mailing list
> VNC-List "at" realvnc.com
> http://www.realvnc.com/mailman/listinfo/vnc-list