Home page logo

basics logo Security Basics mailing list archives

Re: vnc through ssh for windows
From: SMiller () unimin com
Date: Fri, 10 Dec 2004 09:17:12 -0500

You might want to look at iTivity (http://www.tridia.com), which is another
commercial product that is originally a descendant of AT&T vnc.  I am
currently using Tridia's VNCPro product on clients, and their Internet
Access Server for connections from and to NAT address machines (you do not
need a VPN service if you have this).  This has been working marvelously
since May.  iTivity will take this one step further in that the hosts will
run agents downloaded from a web server, eliminating the need for client
installs.  iTivity is also priced by live connection, i.e. one host and one
support computer equal two connections.  Caveat - I have purchased iTivity
but not yet deployed it, but I am very optimistic it will run with few
hassles.  This model may not be right for everyone, but it fits our support
needs to a "T".

Scott Miller

             <nospam () dranem or                                             
             g>                                                         To 
                                       security-basics () securityfocus com   
             12/03/2004 11:37                                           cc 
                                                                    Fax to 
                                       vnc through ssh for windows         

Michael Puchol wrote:


Just make sure you are talking about the Enterprise version of RealVNC,
which does have AES, and authentication of server and viewer. The standard
VNC protocol is non-encrypted, and the password security is laughable. In
TightVNC implementations you type a password over 8 characters at the
configuration, and you are nicely reminded that only the first 8
will be used anyway.

I run TightVNC over SSH2, which benefits from the extra compression the
tunnel provides. I use strong auth at the SSH2 stage, with other filtering
added at lower layers, so it's pretty safe that way.

Best regards,


----- Original Message -----
From: "Stephane Auger" <stephaneauger () pre2post com>
To: "Brian Bemis" <brian_bemis () hotmail com>;
<security-basics () securityfocus com>
Sent: Wednesday, December 01, 2004 8:46 PM
Subject: RE: pcAnywhere question


 I'm using Remote Desktop to manage my Windows XP clients and Windows
2000/2003 servers.  It runs pretty good, but we have VPNs set up for
when we connect.  The encryption in Terminal Services, in my opinion, is
good but a VPN's always the best solution, and adds almost no overhead.
A second nice solution is VNC (www.realvnc.com), which projects the
desktop as if you were locally connected, unlike Terminal Services which
is a remote session.  I usually have both enabled.  That way, I used
remote desktop, and if I need to do something "locally", or TS crashes,
VNC's available as a backdoor.  VNC also has encryption and password

How is the setup on a windows box setup?   with ssh  as the transport?????

for Either PCAnywhere or  VNC [any flavour]
with ssh  as the transport?????

I assume it needs to be piped through  something like cygwin/ssh????

any pointers appreciated
for all OSes   but windows specificaly
 windows 98/2k/xp/server  & linux/unix/mac osx [os9 unlikely]

Have not found a good recipe so far  ;-{



don't change the email address it  works..

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]