>> This VNC Cracker operates with brute-force mode. This means you have to
>> give it a list of passwords and vnccracker tries all these passwords on a
>> specified host.
>> You cannot get the vnc password directly with this tool.
>
>Even so, this (vnccracker) makes a great case for running vnc across ssh.
>If you don't... you're open. All it takes is for some idiot with time on
>his/her hands and a bit of desire...

Entirely true.  The encryption system under development will solve this
problem and, like SSH, will have "convenience" features which truly
paranoid people can bypass but which will make the encryption almost
transparent to most users.

Note that most people still use e-mail systems (eg. POP3 and IMAP) where
their password is sent in plaintext every time they check mail.  VNC is
just a tiny bit more secure than that already - after sniffing the
handshake, an attacker must then crack the password.  At this point, the
8-character limit rears its ugly head (doesn't take all that long to crack
8 characters on a new machine), which is where my new authentication scheme
comes in.  More details soon...

Incidentally, brute-force crackers don't need a dictionary to work.  They
often employ a dictionary as an initial list, to speed up the work (finding
common passwords early), but they can also go straight ahead and crack
every possible combination of characters up to a specified length.

There are about 94 typable characters on a typical keyboard, so 94^8 is the
number of 8-character passwords needed to check.  This is approximately 6.1
quadrillion (10^15) passwords, but that can be cracked by a small array of
powerful personal computers inside of a few days.  The vast majority of
users use only 72 of those typable characters (upper+lower-case letters,
numbers and the symbols on the number keys), which reduces the "problem" to
72^8 or 0.75 quadrillion passwords.  Using just one case of letter plus the
number keys takes the possibilities down to 2*(36^8) or 2.8 trillion
passwords.  With dictionary assistance, most users' passwords would fall
victim within the hour, even given a modest PC of current standards.

I read an article about L0phtCrack back in the days when a dual-PPro-200
machine was the hottest box around.  The reviewer ran it on such a box and
found that it would take approximately a day to crack the vast majority
(better than 99%) of the passwords on his corporate network.

However, most people don't have to worry about this kind of thing - and
once the encryption system is completed, nobody will have to worry about it
unless they are truly paranoid.  For that kind of person, there are two
options - SSH, and a guarded concrete bunker with no Internet access.

--------------------------------------------------------------
from:     Jonathan "Chromatix" Morton
mail:     [EMAIL PROTECTED]  (not for attachments)
big-mail: [EMAIL PROTECTED]
uni-mail: [EMAIL PROTECTED]

The key to knowledge is not to rely on people to teach you it.

Get VNC Server for Macintosh from http://www.chromatix.uklinux.net/vnc/

-----BEGIN GEEK CODE BLOCK-----
Version 3.12
GCS$/E/S dpu(!) s:- a20 C+++ UL++ P L+++ E W+ N- o? K? w--- O-- M++$ V? PS
PE- Y+ PGP++ t- 5- X- R !tv b++ DI+++ D G e+ h+ r++ y+(*)
-----END GEEK CODE BLOCK-----
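
An added example, not part of the original message: a small Python estimator that applies the message's keyspace arithmetic to a candidate password, using the 8-character limit and the 36/72/94 character pools from the text. The guess rate, the sample passwords and the US number-row symbol set are assumptions.

```python
import string

VNC_MAX_LEN = 8  # the 8-character limit described in the message
LOWER, UPPER = set(string.ascii_lowercase), set(string.ascii_uppercase)
DIGITS = set(string.digits)
NUMBER_ROW = set("!@#$%^&*()")  # assumption: US layout number-key symbols
TYPABLE = set(string.ascii_letters + string.digits + string.punctuation)  # 94


def effective_password(password):
    """Return the part of the password that counts under the 8-char limit."""
    return password[:VNC_MAX_LEN]


def pool_size(password):
    """Smallest of the message's character pools (36, 72, 94) that covers
    the effective password."""
    chars = set(effective_password(password))
    if not chars or not chars <= TYPABLE:
        raise ValueError("empty password or characters outside the 94 typable set")
    if chars <= LOWER | DIGITS or chars <= UPPER | DIGITS:
        return 36
    if chars <= LOWER | UPPER | DIGITS | NUMBER_ROW:
        return 72
    return 94


def keyspace_up_to(pool, length):
    """Candidates an exhaustive search tries for every length up to `length`."""
    return sum(pool ** k for k in range(1, length + 1))


def audit(password, guesses_per_second):
    """Worst-case exhaustive-search estimate for one password.
    guesses_per_second is a caller-supplied assumption, not a measured rate."""
    eff = effective_password(password)
    pool = pool_size(password)
    space = keyspace_up_to(pool, len(eff))
    return {
        "ignored_chars": len(password) - len(eff),
        "pool": pool,
        "keyspace": space,
        "worst_case_days": space / guesses_per_second / 86400,
    }


if __name__ == "__main__":
    # Constructed sample passwords and an assumed rate of 1e9 guesses/second.
    for pw in ["secret12", "Secret12", "s3cr3t~x", "correcthorse~~~"]:
        print(pw, audit(pw, 1e9))
```

The last sample shows that characters past the eighth add nothing: the trailing symbols are ignored, so the password is scored in the 36-character pool.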