[EMAIL PROTECTED] wrote:
I have noticed some odd behavior with realvnc and VNC and tcp-wrappers. On one machine (linux rh8)
I have vnc -server-3.3.3r2-39.2 installed and on another vnc-4.0-1. VNC on the machine with version 3 seems to appropriately respect access control lists designated in hosts.allow and hosts.deny,
while the machine with version 4 does not. I have looked at /etc/services, inetd.conf, hosts.allow, hosts.deny and files in xinetd.d and all appear to be the same on both machines. Also the machine
with version 4 appropriately denies telnet and ftp access as specified in the access control lists, while still allowing vnc sessions to proceed. So it apears that tcp-wrappers are functioning
appropriately on those machines- just not for vnc. There were no modifications made to the version
3 VNC programs.
What vnc-setup are you using? Since you mention inetd, I think you use a setup as on http://www.sourcecodecorner.com/articles/vnc/linux.asp.
If so, then it is inetd (or xinetd) that handles stuff like hosts.deny and hosts.allow. Hence check that.
Then you mention differences between 3.x and 4.x. There has been some changes between those versions with respect to the security: THe major thing here is a change in default settings.
In the end, there is also the X11 side of vnc on unix: It generates a new X11 session which uses port 6000 + display-number.
To test differences beyond vnc, just move the Xvnc-R4 aside (rename it) and copy Xvnc from the R3 machine in place.
Any thoughts? Is there some difference between version 3 and 4 that would lead to this?
thanks, darren _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
_______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
