VNC access not by me - Should I be concerned?

NeilF

NeilF

NeilF

Soldato
Joined
15 Nov 2003
Posts
14,473
Location
Marlow
I have VNC access to my machine at home.

While looking at my Event Viewer (crappy place for VNC to put logs IMHO) I can see access to that program that is not by me.

Now they aren't very often, EG couple of times a month, and all the ones I can see 'connect' to VNC but don't 'authorise' thru/further.

Now, are these just the random traffic requests you seem to get on the internet, or do I need to be concerned?
 
NeilFawcett said:
I have VNC access to my machine at home.
<SNIP>
Now, are these just the random traffic requests you seem to get on the internet, or do I need to be concerned?
Click to expand...

awhile back there was an artical that VNC can be compromised. This is indeed very true as a friend of mine acctually did have his computer taken over even though it had a very long complex password. I assure you to find another method of remote desktop.
 
andr3w1984 said:
awhile back there was an artical that VNC can be compromised. This is indeed very true as a friend of mine acctually did have his computer taken over even though it had a very long complex password. I assure you to find another method of remote desktop.
Click to expand...

Any recommendations?

ps: I'm using VNC4!
 
Are you tunnelling the VNC connection through SSH? IIRC, the password in VNC is sent in plain text...
 
daz said:
Are you tunnelling the VNC connection through SSH? IIRC, the password in VNC is sent in plain text...
Click to expand...

I have no idea what SSH or IIRC is.... So I suspect not.

The encryption option is enabled within VNC (server)... When logging on is says 128bit encryption.
 
NeilFawcett said:
I have no idea what SSH or IIRC is.... So I suspect not.

The encryption option is enabled within VNC (server)... When logging on is says 128bit encryption.
Click to expand...

If your only setting downloads off. There is better ways to do this and that is to use uTorrent with a built in HTTP server too allow you to connect via HTTP (Internet Explorer) and you can upload torrents via this.

https://[ip address]:[port]/path
I suggest you give it ago because it is a more secure way to handle downloads than remote desktop and uses less bandwidth.

Assuming your downloading via torrents that is.
 
Last edited by a moderator:
andr3w1984 said:
If your only setting downloads off. There is better ways to do this and that is to use uTorrent with a built in HTTP server too allow you to connect via HTTP (Internet Explorer) and you can upload torrents via this.

https://[ip address]:[port]/path
I suggest you give it ago because it is a more secure way to handle downloads than remote desktop and uses less bandwidth.

Assuming your downloading via torrents that is.
Click to expand...

I do more than that (unfortunately)... Is there a better alternative to VNC?

Or at least a more reliable means of using it? Maybe forcing NT authentication for it as well (that's an option within VNC Server).

ps: I do use uTorrent :)
 
NeilFawcett said:
I do more than that (unfortunately)... Is there a better alternative to VNC?

Or at least a more reliable means of using it? Maybe forcing NT authentication for it as well (that's an option within VNC Server).

ps: I do use uTorrent :)
Click to expand...


Why not use the built in remote desktop? Assuming your eitha using XP/Vista Premium/Ultimate?
 
NeilFawcett said:
I have VNC access to my machine at home.

While looking at my Event Viewer (crappy place for VNC to put logs IMHO) I can see access to that program that is not by me.

Now they aren't very often, EG couple of times a month, and all the ones I can see 'connect' to VNC but don't 'authorise' thru/further.

Now, are these just the random traffic requests you seem to get on the internet, or do I need to be concerned?
Click to expand...


Are you using VNC version 4.1.1? (You can tell by right clicking the VNC icon in the system tray by the clock and choosing about).

If you are, change it *immediately*. VNC 4.1.1 has a bug in where people can connect without knowing the password. 4.1.2 and later is safe.
 
Yes

there are business' out there that sell Thin clients that work off just the same technology. Essentially all they have, is a keyboard, a mouse, a monitor, a printer port and a flash drive with a remote desktop connector and some other custom bits

you turn the client on, and it straight away remote desktops to the server. No local operating system at all

plus think of all those datacentres with racks of servers in. They're nearlly allways accessed via remote desktop

You wont crack remote desktop in the same way you can VNC, because the acess levels etc.. are you windows one, not just a registry value that can be seen / read quite easily as in VNC's case
 
Last edited:
MrLOL said:
Yes

there are business' out there that sell Thin clients that work off just the same technology. Essentiall all have, is a keyboard, a mouse, a monitor, a printer port and a flash drive with a remote desktop connector and some other custom bits

you turn the client on, and it straight away remote desktops to the server. No local operating system at all

plus think of all those datacentres with racks of servers in. They're nearlly allways accessed via remote desktop

You wont crack remote desktop in the same way you can VNC, because the acess levels etc.. are you windows one, not just a registry value that can be seen / read quite easily as in VNC's case
Click to expand...

Thought I'd change the default port number at least from 3391 to something else... Can't get it to work :(

Change the reg entry, changed the firewall, change the router to port forward... Cannot connect on the new port (or obviously the original).
 
CrimsonAvenger said:
Another vote for LogMeIn here.

Simple, easy to use and install :)
Click to expand...

Do you have to do things with firewall, and router port mapping to allow it to work?

Can you copy files to/from the machine with LogMeIn (free)?

ps: I notice you cannot reboot the machine with LogMeIn free? Huh? What prevents you from just going into task manager and doing it from in there?
 
You must log in or register to reply here.
Back
Top Bottom