Hosting Provided By

Re: VNC

From: Glen Mehn <glen(at)myvest.com>
Date: Fri Jan 31 2003 - 13:47:24 EST

Megan Golding wrote:

>On Wed, 2003-01-29 at 13:08, Marty wrote:
Well, enforcing the VNC-over-ssh with port filtering would definitely fit the bill, IMO, but that adds a (small) layer of work on top of it. The issues with VNC seem to mostly be:

--trivially encoded passwords, with a well-known/reversible hash and salt --the simple ability to brute-force the password

In investigating VNC, I also found that you can (somewhat) mitigate the latter problem by enforcing a "lockout after $num failed attempts.

-g

-- 
Glen Mehn		glen@myvest.com
Systems Administrator	MyVest, LLC

Received on Fri Jan 31 19:07:03 2003

This message: [ Message body ]
Next message: Radu Paunescu: "RE: Router Packet Filtering and Firewalls"
Previous message: Naman Latif: "Setting up an IDS system"
In reply to Megan Golding: "Re: VNC"
Next in thread: tony tony: "Re: VNC"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:40 EDT