Hi there, >>> I have dsl. I am running win98, and when I came home I found someone >> > connected to my pc via winvnc. Is there a log file I can look at to >> > see
There is a log file, but it will only be there if you had that option turned on. It's also deleted if you stop and restart the service.....so, if you've rebooted your PC since the attack, that's a non-starter. Also, the IP address of the attacker is likely to be dynamic - if they are on dial- up and if they are behind a firewall, you are unlikely to be able to trace their identity. It's not impossible, but very difficult. I don't want to tell you how to operate you computer, but VNC - like any computer program or OS, can be abused. What makes it easy for you to remote control your home PC, also makes it easy for Joe Hacker. There's a couple of things you can do - sorry if this is a bit of a lecture, I've no idea what level of PC knowledge you have. 1) Set VNC to only allow connections from a set range of IP addresses. So, if you work / college / mate's computers always connect on range 202.192.64.x - then set VNC to ignore everyone else. This still isn't perfect as someone from that range of IP addresses could still attack your PC. 2) Put in a firewall - like ZoneAlarm or Norton Personal Firewall. That's okay to a point - but it isn't going to solve your VNC connection worries. (it will help stop people attacking or sweeping your PC for vunerabilities though). 3) Run zVNC instead of VNC. Zvnc has built in compression/encryption and listens on port 6000 - as opposed to 5800 and 5900 which are the default VNC ports. Put a complicated alphanumeric password in - something like "3Atmy5h0rt5" - it makes brute force attacks much harder. 4) Go for something like Stunnel on both your home PC and the computer you want to connect from. With stunnel you can set up secure tunnels between computer systems and by making VNC only accept local loopback connections - an intruder would have to crack your tunnel settings (difficult!!) before he could get to VNC. Stunnel would help prevent attacks to VNC, but your W98 shares are still likely to be visable. 5) By far the easiest option - at least in my experience - would be to use something like Freesco or another linux router. These take care of 99.9% of your security problems on DSL / cable. You can even set up secure tunnels or have port forwarding on the router (although that's a bit risky!) As it's unix, you only need an old 486 / old pentium and two network cards. I've set a few up now and they are easy to do. One of the guys I did it for isn't an IT wiz and he finds it easy to operate. I hope that helps! Later, Richard "Service, price , quality: pick any two." --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
