DoS attack VNC 4.0
sasson "at" insideout.co.il
Tue Aug 31 15:53:00 2004
Don't know which kind of VNC server is started on your flavor of linux .
I guess that it's started by inetd with "wait" option .
I think it needs the "-localhost" option in your case , and the SSH server
tunneling to localhost port 5900 to 59++
"An typical example in inetd.conf might be (all on one line):
5950 stream tcp nowait nobody /usr/local/bin/Xvnc Xvnc -inetd -query
localhost -once securitytypes=none "
see "USAGE WITH INETD" at : http://www.realvnc.com/v4/man/Xvnc.html
----- Original Message -----
From: "Mike Miller"
> I'm not understanding this. Take Linux for example - suppose I use SSH
> port forwarding, but VNC is still there on port 5901. So how does my use
> of SSH prevent an attacker from doing this...
> ...(to port 5901) and killing my VNC session? I thought the point of
> using SSH with port forwarding was to encrypt the session.