Open source security measures?
jnw "at" realvnc.com
Mon Feb 13 10:18:01 2006
I can understand your wanting to discourage misuse of licensed software, but
I am unclear as to how that relates to which edition of VNC to use, since
they're all licensed...
Wez @ RealVNC Ltd.
> -----Original Message-----
> From: vnc-list-admin "at" realvnc.com
> [mailto:vnc-list-admin "at" realvnc.com] On Behalf Of Jorge L.
> Sent: 10 February 2006 20:33
> To: vnc-list "at" realvnc.com
> Subject: Open source security measures?
> > Jorge,
> > Current VNC Server releases include measures to prevent
> brute-force attacks
> > against servers. These prevent attackers from repeatedly
> attempting to
> > connect to the server, trying to guess at the password, making it
> > *extremely* unlikely that the "attacker" in this case tried
> connecting and
> > managed to guess your weak password - it's much more likely
> that the person
> > connecting actually knew what the password would be. Are
> you sure that they
> > weren't simply one of the people that you had previously
> been demoing to?
> > We don't advise use of VNC Free Edition across the Internet
> except via some
> > sort of secure tunnelling protocol. VNC Enterprise &
> Personal Editions have
> > in-built session security for this purpose. All current
> VNC Server releases
> > also support querying the local user to accept connections, which is
> > advisable if you are concerned that the password you are
> using is weak or
> > widely known.
> In the near future I would most likely purchase the Personal or
> Enterprise editions of this program but for educational
> purposes I would
> still love to use open software since I discourage the misuse of
> licensed software. I have been looking for other open source
> such as SSH, Tunneling ect... that can be used in conjunction
> with the
> fee edition of VNC or other editions for that matter. What are your
> opinions? What would offer the best protection? What would sound the
> most secure to clients wanting to work from home securely?
> VNC-List mailing list
> VNC-List "at" realvnc.com
> To remove yourself from the list visit: