Mike, Neither worms nor viruses can propagate via a VNC connection, since the protocol contains no scripting or executable elements.
The main issues with opening a firewall to allow VNC access are to do with session snooping, tampering and impersonation attacks, which are pretty rare. VNC Enterprise and Personal Editions (http://www.realvnc.com) have in-built security to protect from such attacks, or you can tunnel your VNC connections via a secondary protocol such as SSH. Regards, Wez @ RealVNC Ltd. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of mbrown > Sent: 16 August 2005 20:04 > To: vnc-list@realvnc.com > Subject: VNC security > > We are behind a firewall, but want to get VNC to allow consultants we > trust to have remote access to our computers (and vice versa). Past > posts to this list convinced me that opening a port in the > firewall for > specific users is a secure activity, but our IT guys are now > saying that > it doesn't necessarily protect our systems from worms or viruses that > may already inhabit the trusted user's computers. > > Does anyone have a response to this? It seems logical. Would we want > to require that any remote user that traverses our firewall > via VNC have > an acceptable virus scan before doing so? Are there particular VNC > products that would be best for both us and our clients? Can our > clients use the free version? > > > Mike Brown > Salt Lake City > _______________________________________________ > VNC-List mailing list > VNC-List@realvnc.com > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list VNC-List@realvnc.com To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
