too many authentication errors

Mark Rainford Mark.Rainford "at" jet.uk
Wed Apr 25 16:38:03 2007 

Hi Wez

Thanks for confirming that. Unhappily for us at least, there are a few
hurdles: we patched 3.3.3r2 for local needs, but were too far behind
(VNC 4 was out) by the time we considered submiting our upgrades back
to the source.  As ever, we are also sadly short of effort.

BTW you do a sterling job on this list, and seem blessed with infinite
patience. Thanks for the product and the support.

On Wed, 25 Apr 2007 @3:56pm, James Weatherall wrote

> Hi Mark,
> 
> VNC 3.3.3r2 is an extremely old version.  Simply upgrading to a VNC 4 series
> server will address Joel's issue.
> 
> Cheers,
> 
> Wez @ RealVNC Ltd
>  
> 
> > -----Original Message-----
> > From: vnc-list-admin "at" realvnc.com 
> > [mailto:vnc-list-admin "at" realvnc.com] On Behalf Of Mark Rainford
> > Sent: 25 April 2007 13:24
> > To: joel "at" exc.com
> > Cc: vnc-list "at" realvnc.com
> > Subject: Re: too many authentication errors
> > 
> > > joel "at" exc.com wrote:
> > > > I've been using VNC happily for for many years now, with 
> > a Xvnc server
> > > > (Xvnc version 3.3.3r2+tight1.1p9) and a variety of clients, most
> > > > recently RealVNC 4.1.2
> > > >
> > > > Last week, I found I could no longer connect, because of "too many
> > > > authentication errors."  It seems that someone has been 
> > trying, so far
> > > > unsuccessfully, to break into my Xvnc server.
> > 
> > This problem is present in AT&T Xvnc version 3.3.3r2 (dunno 
> > about other 
> > versions).
> > 
> > It's an attempt to protect against password guesses, but 
> > unhappily goes 
> > awry.
> > 
> > After 5 bad password attempts a back-off kicks in for a few 
> > minutes which 
> > refuses *all* new connections with error "Too many authentication 
> > failures".  The back-off period is re-doubled for each 
> > refused connection. 
> > It only takes a handful of these to lock the server out to 
> > new clients for 
> > hundreds of hours.
> > 
> > AFAIK the only cure is to fix your copy of the source code, or find a 
> > version which doesn't have this behaviour.  Alternatively, 
> > try to minimise 
> > exposure of your vnc port, eg by using a port number well out of the 
> > common range for scanners, or by restricting access at the 
> > network level.
> > 
> > -- 
> > Regards,  Mark.
> > _______________________________________________
> > VNC-List mailing list
> > VNC-List "at" realvnc.com
> > To remove yourself from the list visit:
> > http://www.realvnc.com/mailman/listinfo/vnc-list
> > 
> 
> 

-- 
Regards,  Mark.