DoS attack VNC 4.0
mbmiller "at" taxa.epi.umn.edu
Tue Aug 31 15:18:00 2004
On Tue, 31 Aug 2004, Ran Sasson wrote:
> As said numerous times before (along the years of VNC..) :
> Do NOT use the VNC strait open to the Internet or any unsecured network for
> that matter.
> It means that the VNC connection should be encapsulated inside an encrypted
> tunnel of some kind (SSH, Stunnel .. ).
> Therefore, you can limit the simultaneous connections to max less than 60
> (as I think you should anyway) in the tunneling connection.
> Good to know though.
I'm not understanding this. Take Linux for example - suppose I use SSH
port forwarding, but VNC is still there on port 5901. So how does my use
of SSH prevent an attacker from doing this...
...(to port 5901) and killing my VNC session? I thought the point of
using SSH with port forwarding was to encrypt the session.