Expert VNC'ers Please read and recommend

Scott C. Best sbest "at" best.com
Sun Jan 25 23:30:00 2004


F.S:

	Just to add to Dustin's good reply: Kaboodle uses
Zebedee for it's LAN-to-LAN connections. Similar to SSH, you
can activate a "debug" mode to Zebedee, and then look thru the
log file to see what encryption is being used on your data.
E.G., add the -v switch to SSH and you'll see something like:

debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.

	If you trust your SSH client (ie, check the MD5 has
of the binary you have with the website you got the client
from), this should be sufficient proof. If not...you could
try setting up a terminal session, and then force some known
text thru it. Using a packet-capture tool like tcpdump, you
can search to see if the known text ever appears. Typically
this is done with the ping command:

	ping -p FEEDFACEDEADBEEF <target address>

	If *that* doesn't serve as enough proof for you...you
should consider hiring a security auditor professional and
have them certify your deployment. Maybe even two or three
of them if you don't believe the first one. :)

cheers,
Scott

> Download a packet sniffer like this one: http://www.ethereal.com
> It will show that all of the data is an SSH packet (except maybe for a few
> ack requests)
> If this it does show ssh then everything is encrypted, if it shows tcp then
> it might not be.
> Also, you would know if vnc is going through ssh because on the vncviewer
> you must input
> localhost as the remote server (because it is being tunneled).
>
> Cheers,
>     Dustin
>
> ----- Original Message -----
> From: "F S" <storagefs "at" yahoo.com>
> To: <VNC-List "at" realvnc.com>
> Sent: Saturday, January 24, 2004 4:37 PM
> Subject: Expert VNC'ers Please read and recommend
>
>
> > Hello everyone.
> > I am new to VNC and figured it all out fairly quickly.
> >  I just need someone to help me understand the
> > Security part of it.  I have setup an ssh server with
> > cygwin and it seems to all be working.  But HOW CAN I
> > TELL?  I need to be sure it is secure.
<snip>