the VNC documentation from the AT&T site, actually the RFB Protocol specification, states VNC uses a challenge-response system. The challenges is a 16 byte random number encrypted with the password given on the client side. the "authentication" packet is sent to the server. The protocol says the response is either "OK" or failed. since the client issues the challenge, where is the description of the response the server makes to the client?
I guess what I am asking is what really happens in the authentication stage since the protocol doc seems to be missing something. the protocol spec also says the server can decided if there have been too many authentication failures. What is too many? Thanks //chris -- Chris Hare, CISSP, CISA [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
