Thin client security presentation

Constantin Kaplinsky const "at" ce.cctpu.edu.ru
Thu, 07 Mar 2002 20:45:36 +0000


Hello Andrew,

>>>>> "AvdS" == Andrew van der Stock <ajv "at" greebo.net> writes:

AvdS> * the inbuilt web server on port 5800 is not necessary for most
AvdS>   people, and is a good DoS target (look at code for greater
AvdS>   clarity on this risk)

Also, Xvnc's RFB port is an _extremely_ easy target for DoS attacks:
single-process and single-threaded Xvnc uses blocking I/O for RFB
communication...

-- 
With Best Wishes,
Constantin
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------