Maybe I didn't make my case clear, or I'm misunderstanding something here.
When I spoke of disabling NPF, I meant that I need to disable NPF on my
WinVNC *client* machine, not the server (host).  My server is not running
NPF and doesn't need to be running it.  It's behind a protected network.

So in order to connect to the server, on my client machine I have to disable
NPF, connect to the server using WinVNC Client, and then re-enable NPF.  At
that point the connection is made, and NPF doesn't get in the way of my VNC
connection passing data in either direction.

(As to the question about paranoia, I don't consider it paranoia to protect
myself from the random hacker/cracker.  I know of a friend who was
victimized by such a random act.  As far as we know, the perpetrator had no
connection to the victim.  It was just a case of finding someone who had left
his guard down.  Some sick people just get their jollies by causing problems
for others, even if they can't see the direct effect of their destruction.
They know it's there, and their thrill is in getting away with it.)

 -----Original Message-----
From:   Seth Kneller [mailto:[EMAIL PROTECTED]] 
Sent:   Friday, May 04, 2001 10:13 AM
To:     [EMAIL PROTECTED]
Subject:        RE: WinVNC and Norton Personal Firewall 2001

Mickey Ferguson writes:
>I was just wondering if any virus generators, etc., might know about this
>port and try to gain access into my PC that way.  Is that a security risk?
>After all, I do have a workaround where I disable NPF, connect to VNC, and
>then immediately re-enable NPF.  That leaves me unprotected for maybe ten
>seconds maximum.  Maybe I should leave well enough alone?

This is very unlikely. I have never heard of a virus connecting to a port,
to spread itself or anything; and to be perfectly honest this is a
ridiculous notion, since it couldn't do anything. Very few daemons (programs
running in the background (in Windows speak, TSRs - Terminate and Stay
Resident)) which accept connections allow direct access to the machine, and
most ask for a password up front.

Your workaround sounds complex to me, surely you would need to be in front
of the PC to disable NPF, which is what VNC is there to 'prevent'. From what
Angus Macleod says NPF would appear to work like ZoneAlarm and it's just a
case of telling NPF that you want VNC to access the Internet and act as a
server.

Why o' Why are there so many paranoid people out there, the average Joe on
the street is unlikely to be the subject of cracker/hacker attack unless he
upsets someone or runs a big server that lots of people know about.
Cracking/Hacking is only fun if there is a publicity factor or you want to
enact revenge on someone. NPF can probably mask the fact that the VNC port
is open to protect from port scanners, however I tend to accept that this is
just something that 'happens' on the Internet, because there is very little
I can do about it, apart from disabling non-essential services.

Seth
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------