-----Original Message-----
From: Jared Lyvers [mailto:jared@lewiscommunications.com]
Sent: Sunday, January 22, 2006 8:09 PM
To: security-basics@securityfocus.com
Subject: vnc server
First off, sorry Simon. I ment to send this to the list but
sent it to only you instead.
Now, on to my real question.
I'm looking to use VNC on my windows machine for remote
logins. Currently I only have the following open ports:
25/tcp open smtp
80/tcp open http
113/tcp closed auth
1352/tcp open lotusnotes
5902/tcp open vnc-2
5903/tcp open vnc-3
8080/tcp open http-proxy
Are there any security problems that I may be over looking by
using VNC on my machine?
Regards,
JL
--
// Jared Lyvers
// -----------------------
// Director of Interactive
// Director of IT
// LPI Certified
// -----------------------
// www.lewiscommunications.com
By default VNC is unencrypted. Some flavors have encryption options. I've
tried only one of these but haven't been able to get it to work properly. I
have, however, had great success with running VNC over SSL-encrypted tunnels via
stunnel.
Brent Gardner
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
