Home page logo
/

basics logo Security Basics mailing list archives

Re: vnc server
From: Philippe De Ryck <philippe.de.ryck () skynet be>
Date: Tue, 24 Jan 2006 00:38:51 +0100

Jared,

Maybe not a VNC-solution, but based on the open ports I'm guessing
you're running some kind of server version of Windows. Since Windows
2000 there is Remote Desktop included, which works in a VNC-kind of way.
The difference is however with RDP (Remote Desktop Protocol) you have a
total separate login (you don't just take over the current screen). As
far as I know, RDP is quite secure and I think it's fast too. I use it
and I can not complain about it.

There even is a linux-client available (just as for VNC) that works just
fine (I have some trouble with the keymaps, but that's because I have a
Dutch Windows which is crap :)).

If you use VNC from Windows -> Windows, you might want to take a look at
ultraVNC (on sourceforge). UltraVNC supports windows-authentication
(which requires the UltraVNC-client if I'm not mistaken). UltraVNC also
supports normal password authentication, which can be used with any
VNC-client.

Good luck

Philippe De Ryck

On Sun, 2006-01-22 at 21:08 -0600, Jared Lyvers wrote:
First off, sorry Simon.  I ment to send this to the list but sent it to
only you instead.

Now, on to my real question.

I'm looking to use VNC on my windows machine for remote logins.  Currently
I only have the following open ports:

25/tcp   open   smtp
80/tcp   open   http
113/tcp  closed auth
1352/tcp open   lotusnotes
5902/tcp open   vnc-2
5903/tcp open   vnc-3
8080/tcp open   http-proxy

Are there any security problems that I may be over looking by using VNC on
my machine?

Regards,

JL



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]