Securizing/Logging VNC

[Vinny Vlad]

Hello,

I just subscribed to this list because I'm now addict to VNC and I just got a problem that got me freaking.  Coming back from eating, I saw the habitual grey background of VNC...  Damn, I wasn't using VNC, I closed it @ job, the only place where I'm using it...  I never gave my password to someone, I never wrote it somewhere,,,and the VNC server icon was black but nothing was moving or written or whatever like if someone was remotely controlling my PC.  I didn't take the time to do a netstat that I killed the server so I wasn't able to know who was connected.  Now I'm asking some questions :

1) Is there a place where VNC is logging incoming connections on the server?
2) Else, is there a way for getting VNC logging incoming conenctions?
3) If someone at my job was sniffing me with a packet sniffer and got my password, which options do I have to avoid this?  like using stunnel for getting a VNC connection over SSL (I don't like this one because SSL already got cracked) or using VNC over SSH (got cracked too I think so)...  I'm looking for something high security
4) Is this possible that it's a VNC bug?  or a XP bug which modified VNC's behavior?
5) Someone already got this problem?

My system is an XP 2100+ on Windows XP Pro with RealVNC (WinVNC) 3.3.7 and I'm linked to a switch who's linked to my main router/firewall.

Thanks for any kind of help

Vin Tremblay