RE: [fw-wiz] Using RDP Port 3389

From: Josh Welch (jwelch_at_buffalowildwings.com)
Date: 04/21/04

  • Next message: Chuck Vose: "[fw-wiz] Stanford break in"
    To: <firewall-wizards@honor.icsalabs.com>
    Date: Wed, 21 Apr 2004 08:29:35 -0500
    
    

    Melson, Paul said:
    > Actually, I think that VNC could be worse than Terminal Services from a
    > security point of view. First, its logging is awful. Second, it can
    > only be secured by a single password. Since everyone allowed to use VNC
    > would know the same password, this doesn't meet the standard for
    > authentication. Third, it gives the remote user the console. If left
    > logged in, the only thing between a malicious user and eavesdropping or
    > major destruction is a single password that can't be locked-on-failure,
    > so it *can* be brute-forced.
    >
    > There may not be any 0d4y-spl01tz for VNC at the moment, but IMHO, it
    > suffers from some design flaws that make it less than secure.
    >
    > That said, I use VNC with my systems at home. But this traffic is
    > always tunneled via SSH across the Internet.
    >
    > PaulM

    This is getting to be somewhat OT, but FWIW UltraVNC can be configured to
    use Windows logon information, but it seems to be rather slow authenticating
    in that scenario.

    Thanks,
    Josh

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Chuck Vose: "[fw-wiz] Stanford break in"

    Relevant Pages

    • Re: Remote Desktop
      ... Get the remote user to invite you to help them. ... See local Windows ... Essentially they send you an rcbuddy email ... Use the free version of VNC. ...
      (microsoft.public.windowsxp.general)
    • RE: [fw-wiz] Using RDP Port 3389
      ... Onto Remote Administrator. ... single password authentication, or it can use the built-in NT ... but I know VNC has been looked at many a time and at it's current ... suffers from some design flaws that make it less than secure. ...
      (Firewall-Wizards)