Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: VNC Security

from [Andy Bruce - softwareAB] Network Security [Permanent Link]
Subject: Re: VNC Security
Date: Tue, 26 Apr 2005 14:53:43 -0400 
Beat that horse...

---CUT---
Scenario C is assuming the following points.
1.  A single remote user with a software firewall, who doesn't belong to
a larger corporation, a one person organization.  You're supporting them
as a contractor.

At your location, setup a SSH server available on the internet with
password logins disabled and keys for various users who need your
support.  On their machine a PuTTY configuration (or similar client)
with all the port forwards setup and the connection details configured.
Have the client connect initiate the putty connection (as simple as a
double click) which forwards the port for VNC to the SSH server on a
predestined port.  Connect to this port and take over their machine.
Total user work required, double clicking on a PuTTY connection.
---CUT---

A. the user doesn't have putty installed. Someone (meaning me) has to talk them thru it. 
("now type -L 5900:localhost:5900, oh wait, not the number one, but the letter L ah 
heck...")

B. much of the time, the user can't spell "port forwarding", much less do it. 
Hence in many situations they are connected to internet directly and we just tell them to 
have windows firewall allow VNC server port access.

C. If the user can get this setup without too much assistance, they can setup 
their own SSH daemon and let me come in under RDO or VNC or whatever. So the 
conversation is moot.

Andy





[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: VMWare and Security, Gene Yoo
Next by Date:  RE: VNC Security, Conlan Adams
Previous by Thread:  RE: VNC Security, Conlan Adams
Next by Thread:  RE: VNC Security, Conlan Adams
Indexes:  [Date] [Thread] [Top] [All Lists]