Re: Macintosh TightVNC
See http://perso.wanadoo.fr/gilles.depeyrot/DevTools_en.html Apple has provided compilers (free) for c/c++. ScanMan wrote: > > Has anyone here looked into porting the TightVNC viewer to Macintosh? Is > there anything that would keep you from just copying out the relevant > parts of TightVNC for Windows/UNIX and pasting them into the AT&T Mac > VNC viewer? > - > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html -
VNC Downloadable Documentation : PLEASE HELP
goto fourth line of documentation page and click on here (highlighted) for .pdf file. - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: Vnc Java Compile is a no-go!
Establish the Java home directory in your PATH. Frank Griffith wrote: > I run FreeBSD 4.2 and have successfully setup Xvnc > on it. I can easily access my server from remote > stations with it using the twm and kde desktops. So > far so good. > > I then tried to add the java source so I can access the > server via browser. I untarred the source and ran > > make all > > but I get the following error message: > > javac -O vncviewer.java > javac:No such file or directory > *** Error code 1 > > Stop in /usr/src/vnc_javasrc. > > I've poured over the docs and searched the mail > archives high and low with all kinds of combinations > of the error message and java, install, problem, etc... > but come up empty each time. > > Can anyone shed some light on what might be wrong? > - > To unsubscribe, send a message with the line: unsubscribe vnc-list > to [EMAIL PROTECTED] > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: Vnc Java Compile is a no-go!
Sorry, I assumed (I know, it made an ass of me) that you had the JDK already. Try this link (second reference): http://www.infospheres.caltech.edu/releases/current/documentation/user_guide/html/node2.html Frank Griffith wrote: > Thanks for your reply. Being a newbie at some of > this I assume you mean a Java Development Kit (JDK). > And if so, how and where do I obtain one? > > - Original Message - > From: "Jonathan Morton" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, December 06, 2000 8:13 PM > Subject: Re: Vnc Java Compile is a no-go! > > > >I run FreeBSD 4.2 and have successfully setup Xvnc > > >on it. I can easily access my server from remote > > >stations with it using the twm and kde desktops. So > > >far so good. > > > > > >I then tried to add the java source so I can access the > > >server via browser. I untarred the source and ran > > > > > >make all > > > > > >but I get the following error message: > > > > > >javac -O vncviewer.java > > >javac:No such file or directory > > >*** Error code 1 > > > > > >Stop in /usr/src/vnc_javasrc. > > > > > >I've poured over the docs and searched the mail > > >archives high and low with all kinds of combinations > > >of the error message and java, install, problem, etc... > > >but come up empty each time. > > > > > >Can anyone shed some light on what might be wrong? > > > > You need a JDK. > > > > -- > > from: Jonathan "Chromatix" Morton > > mail: [EMAIL PROTECTED] (not for attachments) > > big-mail: [EMAIL PROTECTED] > > uni-mail: [EMAIL PROTECTED] > > > > The key to knowledge is not to rely on people to teach you it. > > > > Get VNC Server for Macintosh from http://www.chromatix.uklinux.net/vnc/ > > > > -BEGIN GEEK CODE BLOCK- > > Version 3.12 > > GCS$/E/S dpu(!) s:- a19 C+++ UL++ P L+++ E W+ N- o? K? w--- O-- M++$ V? PS > > PE- Y+ PGP++ t- 5- X- R !tv b++ DI+++ D G e+ h+ r- y+ > > -END GEEK CODE BLOCK- > > - > > To unsubscribe, send a message with the line: unsubscribe vnc-list > > to [EMAIL PROTECTED] > > See also: http://www.uk.research.att.com/vnc/intouch.html > > - > - > To unsubscribe, send a message with the line: unsubscribe vnc-list > to [EMAIL PROTECTED] > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC as a "pre-boot" OS?
What's wrong with a Z80? Kieran Coughlan wrote: > Wallowing in nostalgia Jonathan? :) > > Perhaps you should start a series on 6502 assembler ;) > > Kieran > > > -Original Message- > > From: Jonathan Morton [SMTP:[EMAIL PROTECTED]] > > Sent: Tuesday, December 12, 2000 1:00 PM > > To: [EMAIL PROTECTED] > > Subject: Re: VNC as a "pre-boot" OS? > > > > > > On an off-topic note, the BBC Micro's ROM is split in two physical > > parts, > > one containing the OS and one containing the BASIC language - the > > BASIC > > chip can be physically swapped or logically paged out in favour of an > > RFB > > environment ROM, or a word processor, or... > - > To unsubscribe, send a message with the line: unsubscribe vnc-list > to [EMAIL PROTECTED] > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: VNC as a "pre-boot" OS?
Tim, I could probably dig an old Z80 asm. book out of storage. I remember that 0xc9 is a RET and 0xD9 is a call.. Tim Senecal wrote: > Guys, > > speaking of the Z80... > > I have an old Timex\Sinclair TS1000 (sinclair zx81), that has a wordprocessor > rom pack that totally takes over the system, replacing the 8k sinclair > basic rom with its own rom... > > possibly a new rom for the wordprocessor pack could be burned... > > ...if the vnc display can be restructured for a black and white 64x42 pixel > screen. > > :) > > Tim > > At 10:42 AM 12/12/2000 -0600, you wrote: > >What's wrong with a Z80? > > > >Kieran Coughlan wrote: > > > >> Wallowing in nostalgia Jonathan? :) > >> > >> Perhaps you should start a series on 6502 assembler ;) > >> > >> Kieran > >> > >> > -Original Message- > >> > From: Jonathan Morton [SMTP:[EMAIL PROTECTED]] > >> > Sent: Tuesday, December 12, 2000 1:00 PM > >> > To: [EMAIL PROTECTED] > >> > Subject: Re: VNC as a "pre-boot" OS? > >> > > >> > > >> > On an off-topic note, the BBC Micro's ROM is split in two physical > >> > parts, > >> > one containing the OS and one containing the BASIC language - the > >> > BASIC > >> > chip can be physically swapped or logically paged out in favour of an > >> > RFB > >> > environment ROM, or a word processor, or... > >> - > >> To unsubscribe, send a message with the line: unsubscribe vnc-list > >> to [EMAIL PROTECTED] > >> See also: http://www.uk.research.att.com/vnc/intouch.html > >> - > >- > >To unsubscribe, send a message with the line: unsubscribe vnc-list > >to [EMAIL PROTECTED] > >See also: http://www.uk.research.att.com/vnc/intouch.html > >- > - > To unsubscribe, send a message with the line: unsubscribe vnc-list > to [EMAIL PROTECTED] > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: "ethical" to hide the VNC logo ...
Can't answer for the Brits, but we here in the U. S. of A. initiated a minor disagreement with them 224 years ago over other "ethical stances" of like nature. Where there is opportunity for misuse and/or corruption by authority, it is assured that such misuse/corruption will be seized and utilized. If an organization's personnel morale is so poor that trust in them to do the right thing is abandoned, perhaps it's time to look at reorganizing the institution. By the way, I for one would be interested in knowing just what constitutes a "dangerous political site" within an educational environment. antoine wrote: object : "ethical" for use of VNC I completely agree with the position of many members of this list about the use of VNC that forbidden to "spy" anybody on a network, of course ! it's a look on private life as read a mail of somebody or have look to his neighborhood ... But the problem is different and we have to replace it in its own reality : As I said clearly, It's a school where there is a network of PC to use internet only for the pupils who are not authorized to create mails, or write personal documents. They are only authorized to visit with their teacher some sites for works with their groups that's all ...! But some pupils break the system, go to forbidden site (like XXX, or dangerous political site and many others ..) and of course the school cannot accept it. So in this particular case it's not "spy" to use VNC to have a look on what are doing the pupils. Allready, since 2 weeks that the network is installed, we had a lot of problems : delete of system files, try to know the password, writing of insults on teachers, It's not the objective of this network ... VNC is the only way to stop these desagreements. Last remark : in England, we read in the newpapers, that a new law has been voted by the British Government, authorizing the companies or administration and even on private PC, to have a look on what doing the employees on internet ! What answer the people in england about this "spy" ? I hope now that my position about "to hide vnc logo" will have a better comprehension. See You ! Antoine Wachi - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html - - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Newsgroup
Before everyone jumps and takes off into soaring rapture over newsgroups, etc., doesn't anyone think it a good idea to perhaps to solicit input from the folks at AT&T, the good folk who have given us VNC pro bono et gratii. As Joel Heagney said: "The only catch is that it's not really a job that can be done by a 'bot, so it's going to require someone with enough time and computer access to chase down and analyze the threads, etc ... to make it work." I believe it's a little presumptuous to expect Aideen and the rest of those good people to take on extra work because some are too lazy and/or unknowing to set up filtering of their email or use the delete message function, the ultimate filter. Common list courtesy, a little stronger encouragement to "rtfm", and a mature realization that the list will contain information that just might not be of interest to you old go a long way toward alleviating the problem. - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
[Fwd: [CORE SDI ADVISORY] WinVNC client buffer overflow]
Just FYI
Original Message
Subject: [CORE SDI ADVISORY] WinVNC client buffer overflow
Date: Mon, 29 Jan 2001 19:20:28 -0300
From: Ivan Arce <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Organization: CORE SDI
To: <[EMAIL PROTECTED]>
CORE SDI
http://www.core-sdi.com
Vulnerability report for buffer overflow in ATT WinVNC client
Date Published: 2001-01-29
Advisory ID: CORE-2001011503
Bugtraq ID: 2305
CVE CAN: None currently assigned.
Title; ATT VNC Windows Client Buffer Overflow
Class: Boundary Error Condition (Buffer Overflow)
Remotely Exploitable: yes
Locally Exploitable: yes
Release Mode: USER RELEASE
Vulnerability Description:
As stated in the VNC home page ( http://www.uk.research.att.com/vnc/ ):
"VNC stands for Virtual Network Computing. It is, in essence, a
remote display system which allows you to view a computing 'desktop'
environment not only on the machine where it is running, but from anywhere
on the Internet and from a wide variety of machine architectures"
The ATT VNC client ships with a remotely exploitable buffer overflow.
By prodiving a specially crafted response a malicious server has the
ability to obtain access to the client machine and execute arbitrary
commands as the user running the client software.
As VNC is generally used for, among other things, remote management of
systems outside of the owners network (i.e. collocated sites) an
attack scenario for this vulnerability is of interest since it might
imply the escalation of an attack from a less secured network environment
(i.e. exposed web servers on a CoLo site) to more secured network
environment (i.e. an internal network or the NOC that performs remote
administration of the CoLo site).
Vulnerable Packages/Systems:
WinVNC up to version 3.3.3r7
Solution/Vendor Information/Workaround:
Contact vendor for an appropriate fix.
In the meantime apply this patch while inside the vnc_winsrc/vncviewer
directory:
--- Log.cpp Mon Jan 15 17:51:17 2001
+++ Log.cpp Mon Jan 15 17:52:00 2001
@@ -124,7 +124,7 @@
void Log::ReallyPrint(LPTSTR format, va_list ap)
{
TCHAR line[LINE_BUFFER_SIZE];
-_vstprintf(line, format, ap);
+_vsntprintf(line, sizeof(line) - sizeof(TCHAR), format, ap);
if (m_todebug) OutputDebugString(line);
if (m_toconsole) {
@@ -146,7 +146,7 @@
void Log::ReallyPrint(LPTSTR format, va_list ap)
{
TCHAR line[LINE_BUFFER_SIZE];
-_vstprintf(line, format, ap);
+_vsntprintf(line, sizeof(line) - sizeof(TCHAR), format, ap);
if (m_todebug) OutputDebugString(line);
if (m_tofile && (hlogfile != NULL)) {
This patch can also be downloaded from
ftp://ftp.core-sdi.com/pub/patches/VNC-clientBO.patch
Vendor notified on: 2001-15-01
Credits:
This vulnerability was found by Emiliano Kargieman, Agustin Azubel
and Maximiliano Caceres from Core SDI, http://www.core-sdi.com
This advisory was drafted with the help of the SecurityFocus.com
Vulnerability Help Team. For more information or assistance drafting
advisories please mail [EMAIL PROTECTED]
This and other CORE SDI security advisories are available at
http://www.core-sdi.com/english/publications.html
Technical Description:
Buffer overflow in WinVNC client:
A malicious server can exploit a buffer overflow in the client by sending a
fake server version and instead of the challenge method and the challenge
itself the following packet:
A rfbConnFailed packet with a length of 'reason' greater than 1024 and a
'reason string' of 1024 bytes. The client will try to log the reason string
calling the Log::Print method (ClientConnection.cpp, class
ClientConnection, method Authenticate, line 434).
Log::Print (Log.h, line 61) calls Log::ReallyPrint (Log.cpp) which calls
_vstprintf with a local buffer of fixed length (1024 bytes).
Exploitation of the above problem will lead to the execution of arbitrary
code on the client machine with the privileges of the user running the
VNC client.
DISCLAIMER:
The content of this advisory are copyright (c) 2000 CORE SDI Inc.
and may be distributed freely provided that no fee is charged for this
distribution and proper credit is given.
$Id: VNC-clientbo-advisory.txt,v 1.7 2001/01/29 21:26:45 iarce Exp $
---
"Understanding. A cerebral secretion that enables one having it to know
a house from a horse by the roof on the house,
Its nature and laws have been exhaustively expounded by Locke,
who rode a house, and Kant, who lived in a horse." - Ambrose Bierce
==[ CORE Seguridad de la Informacion S.A. ]=
Ivan Arce
Presidente
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A
email : [EMAIL PROTECTED]
http://www.core-sdi.com
Florida 141 2do cuerpo Piso 7
C1005AAG Buenos Aires, Argentina.
Tel/Fax : +(54-11) 4331-5402
=
---
Re: Keyboard shortcut for scrolling large screen?
That's all right Freddy, I still use vi and see no need for emacs. Ah well, life moves on. Freddy Jensen wrote: > > > I have used twm for over 10 years now and apart from > the missing "multiple-desktop" feature I have not yet > found anything that is missing in order to do effective > s/w development. Maybe I should consider myself as: > "something of mainly historical interest" ;-). > > Freddy - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
Re: disconnect from the internet by command-line
What OS? Ran Sasson wrote: > hi all . > does anyone knows if there is an option > to disconnect from the internet by command-line ? > > TIA, > Ran > - > To unsubscribe, send a message with the line: unsubscribe vnc-list > to [EMAIL PROTECTED] > See also: http://www.uk.research.att.com/vnc/intouch.html > - - To unsubscribe, send a message with the line: unsubscribe vnc-list to [EMAIL PROTECTED] See also: http://www.uk.research.att.com/vnc/intouch.html -
