That's just what I've done: closed the vnc-holes in my firewall (btw it does use a blacklist on incoming connections), and configured the vino-server to not be running by default and when it runs to not accept any unauthorised connections.
Let's see if that does the trick. Greetings, Jan > Datum: 09/05/07 08:11 AM > Van: "Lee Braiden" <[EMAIL PROTECTED]> > Aan: debian-security@lists.debian.org > CC: > Onderwerp : Re: spooky windows script > > On Tuesday 08 May 2007 22:34:30 Gerardo Curiel wrote: > > El mar, 08-05-2007 a las 22:24 +0200, Thomas Hochstein escribió: > > > Chris Adams schrieb: > > > > Do you have a VNC server installed? > > > > > > > | But I do have vino-server running. > > > > > > Yes. > > > > That's the problem, the same happened to me a couple of weeks ago, in my > > Desktop(a newly installed Debian Unstable). > > > > Vino seems to open the vnc port to the outside without password when > > installed by default. > > I would say the problem is more that his system is configured to allow any > servers without explicit authorisation. That could just as easily have been > a trojan or rootkit opening a port. Best to setup your firewall to block all > incoming connections by default, and explicitly allow only what your system > is actually serving, and only to machines it needs to serve. > > -- > Lee > > >
