The latest versions of Xvnc and WinVNC both include code to disallow
repeated failed connections from hosts. This provides decent protection
from simple brute-force attacks of that type.
Cheers,
James "Wez" Weatherall
--
"The path to enlightenment is /usr/bin/enlightenment"
Laboratory for Communications Engineering, Cambridge - Tel : 766513
AT&T Labs Cambridge, UK - Tel : 343000
----- Original Message -----
From: "Jerry McBride" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, May 28, 2001 4:12 PM
Subject: Re: AW: Hacking
> On Mon, 28 May 2001 16:46:19 +0200
> "Werbinek, Florian" <[EMAIL PROTECTED]> wrote:
>
> > This VNC Cracker operates with brute-force mode.. this means you have
> > to
> > give it a list of passwords and vnccracker tries all this passwords on
> > a
> > specified host.
> > you cannot get the vnc password directly with this tool.
> >
>
> Even so, this (vnccracker) makes a great case for running vnc across ssh.
> If you
> don't... you're open. All it takes is for some idiot with time on his/her
> hands
> and a bit of desire...
>
>
> --
>
>
****************************************************************************
***
> * Registered Linux User Number 185956
> *
>
****************************************************************************
***
> ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> ---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
