Steveb "at" tshore.com
Wed Apr 20 02:44:27 2005
I am wondering why expose VNC over the internet in the first place, really. It's my opinion that VNC is really only good for LAN's. Why not use VPN to secure your connection to the remote network before starting VNC sessions? It's much easier to set up on a LAN where you need VNC access to 200 computers than setting up SSH over the Internet!
I can concede that VNC data should be encrypted in some way when traveling the Internet but why do people set up VNC over SSH on local networks? That really makes very little sense to me. If your network is so insecure that you're worried about your VNC traffic being hacked, you've got some pretty big problems!
I connect to a network via VPN and others I connect using encrypted RDP sessions. Once I've made those connections, I can safely use VNC on the remote networks. Why waste all of this time with SSH on Windows computers all over the network when VPN and RDP is so easy to set up?
Yea, William did have a better search phrase than I did. That utility does have limitations and flaws, though.
From: vnc-list-admin "at" realvnc.com [mailto:vnc-list-admin "at" realvnc.com]On
Behalf Of Sean Kamath
Sent: Tuesday, April 19, 2005 4:45 PM
To: William Hooper
Cc: vnc-list "at" realvnc.com
Subject: Re: VNC Security
[In a message on Tue, 19 Apr 2005 10:53:09 EDT,
"William Hooper" wrote:]
>Steve Bostedor wrote:
>> I've scoured the web out of this curiosity, looking for a tool to
>> put VNC packets together into something useful for a hacker. There's
>> nothing. Nada.
>Fifth hit on Google for: vnc capture playback
Google is your friend. Of course, knowing the right phrase or
keywords makes it nice. ;-) That's a very interesting tool, which
should put the fear of the Internet in everyone. . .
Another reason for tunneling VNC over SSH is this: My firewall only
exposes a select few protocols to the outside world. If it weren't
for the fact I have to support other people, I'd likely ONLY have SSH
exposed to the world. Instead I have to have POP/IMAP, SMTP,
etc. . .
The fewer things you expose to the outside Big Bad World, the better.
VNC-List mailing list
VNC-List "at" realvnc.com
To remove yourself from the list visit: