Nope. However, a VNC session is easily encrypted using a tunneling program, such as SSH (http://www.openssh.org) or Zebedee (http://www.winton.org.uk/zebedee).
Glenn -----Original Message----- From: Chris Hare, CISSP, CISA [mailto:[EMAIL PROTECTED]] Sent: Saturday, October 27, 2001 5:50 PM To: [EMAIL PROTECTED] Subject: CORE SDI Advisory - man in the middle attack There is a CORE SDI advisory about the VNC authentication protocol and how it is vulnerable to a man in the middle attack. This advisory was for 3.3.3. Has it been corrected in the current implementations? thanks -- Chris Hare, CISSP, CISA [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
