No, these risks and others still exist. If security is a necessity (ie, outside of a local network, or even inside one if nosy people exist), one normally tunnels the VNC session inside of SSH or Zebedee or other encrypted tunnel. There are a couple of patches to do NT domain authentication, and there are a couple of "secure VNC" projects floating around (try a Google search), but for the most part, people tunnel.
-----Original Message----- From: Paul Simon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 21, 2002 5:00 PM To: [EMAIL PROTECTED] Subject: Security Risk? Am I correct in these three assumptions? 1, this link is talking about the unix version 3.3.3r1 2, this crack is isolated to that specific version 3, vnc in it's current rev, has no known security issues? http://www.securiteam.com/tools/Brute_forcing_VNC_passwords.html Thanks --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
