Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: VNC Security

from [Alexandre Zglav] Network Security [Permanent Link]
Subject: RE: VNC Security
Date: Wed, 27 Apr 2005 14:53:43 +0200 



I like this solution !


In my book there are better ways to do it.


What book ?
What ways ?

Thanks :)


--- QUOTE ---
Scenario C is assuming the following points.
1.  A single remote user with a software firewall, who doesn't belong to
a larger corporation, a one person organization.  You're supporting them
as a contractor.

At your location, setup a SSH server available on the internet with
password logins disabled and keys for various users who need your
support.  On their machine a PuTTY configuration (or similar client)
with all the port forwards setup and the connection details configured.
Have the client connect initiate the putty connection (as simple as a
double click) which forwards the port for VNC to the SSH server on a
predestined port.  Connect to this port and take over their machine.
Total user work required, double clicking on a PuTTY connection.


All of these require less actual work on the part of the user (GOOD
THING) and are much more secure.  Can you "safely" run VNC over the
public internet?  Sure.  Do you want to?  I know I don't.  In my book
there are better ways to do it.
--- END QUOTE ---




E-mail contains confidential information or information belonging to Heritage 
Bank & Trust (hereafter "HBT") and is intended solely for the addressees. Any 
views or opinions contained in this message are solely those of the author, and 
do not necessarily represent those of HBT, unless otherwise specifically stated 
and subject to the sender being authorised to express such view or opinion.The 
unauthorised disclosure, use, dissemination or copying of this e-mail, or 
anyinformation it contains, is prohibited. E-mails are susceptible to 
alteration and their integrity cannot be guaranteed. Internet communications 
are not secured, therefore HBT shall not be liable for this e-mail if modified 
or falsified. If you are not the intended recipient of this e-mail, please 
delete it immediately and notify the sender of the wrong delivery. This message 
is for informational purposes and should not be construed as a solicitation or 
offer to buy or sell any securities, investments or related f
 inancial instruments.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: toolkits, H Carvey
Next by Date:  Secure web site access and PKI Certs, Keenan Smith
Previous by Thread:  Re: VNC Security, Andy Bruce - softwareAB
Next by Thread:  block MSN Messenger, Bruyere, Michel
Indexes:  [Date] [Thread] [Top] [All Lists]