Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Security Implications of using VNC Viewer /WinVNC

To: Chris Trudeau <[email protected]>
Subject: Re: [FW1] Security Implications of using VNC Viewer /WinVNC
From: Aaron Turner <[email protected]>
Date: Wed, 13 Sep 2000 10:00:59 -0700 (PDT)
Cc: [email protected], Checkpoint Mailinglist <[email protected]>
In-reply-to: <[email protected]>
Sender: [email protected]


Not sure where I read/found this, but I remember hearing that people were
tunnelling VNC over SSH.  You'll prolly take a small performance hit, but
the added security is worth it IMHO.  You probably can find more info by
searching on Google or Deja for "VNC and ssh".

-- 
Aaron Turner        [email protected] Engineer                         Vicinity Corp.        
Cell:http://www.vicinity.com

On Wed, 13 Sep 2000, Chris Trudeau wrote:

> 
> B e very careful, while feature wise VNC is much like PCAnywhere or other "remote
> control" packages.  As far as I know in the latest releases, there is NO facility
> for using encrypted traffic and authentication for connecting to the daemon is in
> clear text.
> 
> Sitting on a network collecting traffic information between your clients and the
> firewall would make breaking into your network trivial at best.
> 
> However, VNC is really cool!  It is considerably smaller than the other packages out
> there, and (here comes the really cool part) allows you to view and remotely manage
> your windows desktop from a unix platform.
> 
> Use it within trusted domains.. Hopefully if they AT&T labs in the UK actually
> releases another version of it, they can tune some small performance issues and
> possibly offer a layer of encryption.
> 
> Chris
> 
> Gopinath Pulyankote wrote:
> 
> > Topic is not directly related to FW-1, hence please forgive.
> > Hello,
> >
> >         Some of our users wants to use VNCviewer from the Internet to connect to
> > their desktops via FW-1 WITHOUT using SecuRemote (The desktops are on a
> > subnet that's not part of our encryption domain due to some historical
> > reasons! :) ) . Wanted to know your views on this product. How safe is it?
> > Any reports of security vulnerability, can the packets be sniffed to get the
> > initial login password or the data itself?
> > For those not familiar, its almost like PC-Anywhere or other thin clients,
> > which enables control of a remote desktop or Unix server.
> > TIA
> > Gopinath
> >
> > ================================================================================
> >      To unsubscribe from this mailing list, please see the instructions at
> >                http://www.checkpoint.com/services/mailing.html
> > ================================================================================
> 
> 
> 
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================
> 



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- Re: [FW1] Security Implications of using VNC Viewer /WinVNC
  - From: [email protected]

References:
- Re: [FW1] Security Implications of using VNC Viewer /WinVNC
  - From: Chris Trudeau <[email protected]>

Prev by Date: RE: [FW1] Bizarre ftp problems
Next by Date: [FW1] GateD for OSPF on FW-1
Previous by thread: Re: [FW1] Security Implications of using VNC Viewer /WinVNC
Next by thread: Re: [FW1] Security Implications of using VNC Viewer /WinVNC
Index(es):
- Date
- Thread