VNC access not by me - Should I be concerned?

[NeilF]

HANG ON! I've just set my VNC to use NT logon authentication! So surely it's now as secure as Remote Desktop for example?

I've got the account on the machine set to allow 5 attempts and then lock out for 5 mins... This has got to be pretty damn safe surely!!!

 

[InvaderGIR]

ps: I notice you cannot reboot the machine with LogMeIn free? Huh? What prevents you from just going into task manager and doing it from in there?

I can (well could when the system was connected to the net...damn Belkin router), as you have control over the desktop you can just go:

Start > Shutdown > Restart/Shutdown/etc.

InvG

 

[NeilF]

I can (well could when the system was connected to the net...damn Belkin router), as you have control over the desktop you can just go:

Start > Shutdown > Restart/Shutdown/etc.

InvG

Given what I've just discovered I'll stick with VNC... I cannot imagine how it can be anyless secure than Remote Desktop now:-
1) I've got it using NT logons
2) If a logon entered incorrectly 5 times, then logon is disable for 5 mins.
3) I'll also change the standard port for it as well.

Now, that's got to be nice a secure

 

[Fr0dders]

given that we're only on about your PC at home you should be fine

and the biggest problem with VNC is that the value is stored in the registry for your password. If you've got it to use NT authentication you've removed one of the biggest shortfalls of common VNC versions.

 

[NeilF]

given that we're only on about your PC at home you should be fine

and the biggest problem with VNC is that the value is stored in the registry for your password. If you've got it to use NT authentication you've removed one of the biggest shortfalls of common VNC versions.

Plus more than 5 attempts to logon will lock the logon for 5 mins...

Plus I'll change the standard VNC port

 

[Skeeter]

Short answer, Yes

Long answers, Yeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeees

If you have a direct connection to the internet on your PC, or can setup port forwarding on your router use Windows Remote Desktop, or Terminal Services as its also known. If you cant be bothered with setting up tunnels etc then use www.logmein.com. Its free and allows you to just install a piece of software on your machine, then access it through a web browser anywhere in the world. I have it on all my machines, my families machines, my girlfriends and a mates. Easy access regardless of where they are or where you are!

 

[NeilF]

Short answer, Yes

Long answers, Yeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeees

If you have a direct connection to the internet on your PC, or can setup port forwarding on your router use Windows Remote Desktop, or Terminal Services as its also known. If you cant be bothered with setting up tunnels etc then use www.logmein.com. Its free and allows you to just install a piece of software on your machine, then access it through a web browser anywhere in the world. I have it on all my machines, my families machines, my girlfriends and a mates. Easy access regardless of where they are or where you are!

And why is the answer 'yes'?

Why is Remote Desktop more secure than what I've (now) done?

ps: LogMeIn doesn't allow file transfer, which I want...

 

[dbmzk1]

I wouldn't trust any website with that kind of access to my machine!

VNC is perfectly secure and has its own web interface if you can't install the viewer.

 

[CrimsonAvenger]

Do you have to do things with firewall, and router port mapping to allow it to work?

Can you copy files to/from the machine with LogMeIn (free)?

ps: I notice you cannot reboot the machine with LogMeIn free? Huh? What prevents you from just going into task manager and doing it from in there?

Everything for access is done via web browser so all on port 80, so firewall settings should already cover that.

Copying files and the like aren't included in the FREE version.

You can reboot the pc while connected via logmein. You obviously just lose the connection and then connect again when the PC is back up as its running as a service.

 

[NeilF]

Unless anyone can suggest/say otherwise, I think I'm going to stick with VNC, but with NT logons (only 5 attempts permitted) on a different (to standard) port...

I can't imagine that is any less secure than other methods...

 

[CrimsonAvenger]

Get someone to test it remotely for sure

 

[Dracata]

Unless anyone can suggest/say otherwise, I think I'm going to stick with VNC, but with NT logons (only 5 attempts permitted) on a different (to standard) port...

I can't imagine that is any less secure than other methods...

Stick with VNC! If you're using NT Logon authentication then you are running VNC Enterprise Edition, which is as secure as any form of remote control software out there, if you have any specific questions or anyone wants to dispell this i challenge them to try! mwahaha..

Biased because I work for RealVNC? Yes.

 

[Clarkey]

VNC is insecure, not suitable for use over the internet. Use logmein or RDP.

 

[bledd]

use hamachi & vnc

no ports forwarded then

 

[NeilF]

VNC is insecure, not suitable for use over the internet. Use logmein or RDP.

...and how is it insecure?

 

[Clarkey]

8 character password limitation, weak password encryption, no data encryption.

 

[bledd]

which is why hamachi secures it

 

[NeilF]

8 character password limitation, weak password encryption, no data encryption.

From my understanding....
1) I'm using the full windows NT user authentication so that's pretty strong.
2) In my case, if someone mistypes the password 5 times the account is locked out for 5 minutes. Therefore someone cannot just blitz the logon.
3) Why do you say no data encryption? When it does?

Dracata, care to comment on this?

 

[Fr0dders]

8 character password limitation, weak password encryption, no data encryption.

carefull

theres different versions of VNC out there

i know for a fact there are version of VNC out there that dont encrypt the password

i also know there are versions out there that do. and theres also versions that dont have the 8 character password limitation. I've not found one that does, but thats not to say there isnt because there are so many VNC versions

and as the OP has already said, hes found a way to use NT authentication instead of VNC authentication. Read the full post before posting a rush reply.

 

[NeilF]

carefull

theres different versions of VNC out there

i know for a fact there are version of VNC out there that dont encrypt the password

i also know there are versions out there that do. and theres also versions that dont have the 8 character password limitation. I've not found one that does, but thats not to say there isnt because there are so many VNC versions

and as the OP has already said, hes found a way to use NT authentication instead of VNC authentication. Read the full post before posting a rush reply.

Indeed! The problem with the internet is it's easy for people to sound as if they know what they're talking about, where infact they're raising questions rather than stating facts.


I have the 4.2.8 Enterprise Edition which as far as I'm concerned can be configured (& is) to encrypt all data. Furthermore, as previously stated, I'm using NT authorisation... Plus ontop of that on the machine in question if the account is incorrectly logged into 5 times it locks you out for 5 mins...

I'm fairly happy this is secure as needs be...