Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Security Implications of using VNC Viewer /WinVNC

To: "'[email protected]'" <[email protected]>
Subject: RE: [FW1] Security Implications of using VNC Viewer /WinVNC
From: Frank Knobbe <[email protected]>
Date: Mon, 25 Sep 2000 18:12:09 -0500
Cc: Checkpoint Mailinglist <[email protected]>
Sender: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No, what he is saying is that, yes, the password is in the Registry,
with a weak protection. Breaking it is trivial. His point is that if
someone is able to get to your Registry remotely, you have much
bigger problems on your hand.

If you physically in front of a box, you pretty own the box anyway.
That does not mean that VNC is not useful.

If the Registry is reasonably secured, and no unauthorized user has
access to it (and the machine is firewalled so that no one from the
Internet can chip away at it), than having the weak password in the
Registry is not a big deal.

The risk in using VNC lies in the protocol itself. Yes, the
authentication is done with hashes I believe, but these can be
sniffed of the net and brute-forced (Hey Dug, when will dniff read
VNC? ;)  The rest goes across pretty much in clear text. It should
not be much of an effort to write a sniffer that re-creates the
transmitted screen info and keystrokes and displays it on the hackers
PC.

VNC is a nice little remote control utility. However, don't run it on
sensitive servers, not without using a VPN or SSH or your favorite
encrypting tunnel.

Regards,
Frank

> -----Original Message-----
> From: Bill Husler [mailto:[email protected]]
> Sent: Monday, September 25, 2000 5:38 PM
> Cc: Checkpoint Mailinglist
> Subject: Re: [FW1] Security Implications of using VNC Viewer
> /WinVNC  
> 
> 
> 
> I guess what I am hearing you say is that there is no way to 
> Read information from
> the registry remotely and that one would have to be 
> physically at the console in
> order to have this access (in which case, you would hardly 
> need VNC anyway).
> Bill
> 
> Ken McKinlay wrote:
> 
> > A brute force attack can be made on the password if you can 
> gain access to
> > the password in the registry. Of course, if you have access 
> to the registry,
> > many other things as possible too :)
> >
> > >From an archived message on the VNC mailing mail
> > (http://www.uk.research.att.com/search.html):
> >
> > <snip>
> > The registry entry is only encrypted to prevent it from 
> being readable if
> > you happen to have it up on your screen in regedit for some 
> reason, not to
> > provide security (that should be done using registry 
> security under WinNT).
> > If you have access to the Windows machine then obviously 
> you can change the
> > password, or decrypt it
> > <snip>
> >
> > Ken McKinlay
> >)
> > Extension 506
> > [email protected]
> >
> > -----Original Message-----
> > From: Bill Husler [mailto:[email protected]]
> > Sent: Monday, September 25, 2000 14:04
> > Cc: Checkpoint Mailinglist
> > Subject: Re: [FW1] Security Implications of using VNC Viewer
> > /WinVNC 
> >
> > I have heard that the windows version of VNC stores the 
> password in an
> > unprotected
> > (by default) area of the registry using a simple hash and may be
> > exploitable. Does
> > anyone care to speak to this?
> > Bill
> >
> > [email protected] wrote:
> >
> > > On Wed, 13 Sep 2000, Aaron Turner wrote:
> > >
> > > > Not sure where I read/found this, but I remember 
> hearing that people
> > > > were tunnelling VNC over SSH.
> > >
> > > it is on the vnc website.
> > >
> > > http://www.uk.research.att.com/vnc/sshvnc.html
> > >
> > > - brett
> > >
> > >
> > 
> ==============================================================
> ==============
> > ====
> > >      To unsubscribe from this mailing list, please see 
> the instructions at
> > >               http://www.checkpoint.com/services/mailing.html
> > >
> > 
> ==============================================================
> ==============
> > ====
> >
> > 
> ==============================================================
> ==============
> > ====
> >      To unsubscribe from this mailing list, please see the 
> instructions at
> >               http://www.checkpoint.com/services/mailing.html
> > 
> ==============================================================
> ==============
> > ====
> >
> > 
> ==============================================================
> ==================
> >      To unsubscribe from this mailing list, please see the 
> instructions at
> >               http://www.checkpoint.com/services/mailing.html
> > 
> ==============================================================
> ==================
> 
> 
> 
> ==============================================================
> ==================
>      To unsubscribe from this mailing list, please see the 
> instructions at
>                http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
> 

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME (X.509) encrypted email preferred.

iQA/AwUBOc/byURKym0LjhFcEQL7WQCgiuetxQXZx4FiiuWJjcU/+CfPdL0AoNVt
liSAkRGSJyjue2c4DKWDrCtf
=dbdX
-----END PGP SIGNATURE-----


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Error : "not connected" FTP Problem
Next by Date: Re: [FW1] Security Implications of using VNC Viewer /WinVNC
Previous by thread: Re: [FW1] Security Implications of using VNC Viewer /WinVNC
Next by thread: Re: [FW1] Security Implications of using VNC Viewer /WinVNC
Index(es):
- Date
- Thread