NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Security Implications of using VNC Viewer /WinVNC



Gopinath,
You shuold not consider this safe at all. The passwords are encrypted, but
the sessions are not encrypted at all (only compressed). You could of course
use vnc in conjunction with ssh and you should also use _one time passwords_
to authenticate the users. 

VNC passwords can be brute forced:
http://www.securiteam.com/tools/Brute_forcing_VNC_passwords.html

SSH+VNC:
http://www.zip.com.au/~cs/answers/vnc-thru-firewall-via-ssh.txt

MindVNC (java VNC client with ssh):
http://www.mindbright.com/english/technology/products/mindvnc.html

SSHD on NT:
http://www.gnac.com/techinfo/ssh_on_nt/ssh_on_nt.htm

Lars

> -----Original Message-----
> From: Gopinath Pulyankote [mailto:[email protected]]
> Sent: 13. september 2000 01:43
> To: Checkpoint Mailinglist
> Subject: [FW1] Security Implications of using VNC Viewer /WinVNC
> 
> 
> 
> Topic is not directly related to FW-1, hence please forgive.
> Hello,
> 
> 	Some of our users wants to use VNCviewer from the 
> Internet to connect to
> their desktops via FW-1 WITHOUT using SecuRemote (The 
> desktops are on a
> subnet that's not part of our encryption domain due to some historical
> reasons! :) ) . Wanted to know your views on this product. 
> How safe is it?
> Any reports of security vulnerability, can the packets be 
> sniffed to get the
> initial login password or the data itself?
> For those not familiar, its almost like PC-Anywhere or other 
> thin clients,
> which enables control of a remote desktop or Unix server.
> TIA
> Gopinath
> 
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.