[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Security Implications of using VNC Viewer /WinVNC
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 No, what he is saying is that, yes, the password is in the Registry, with a weak protection. Breaking it is trivial. His point is that if someone is able to get to your Registry remotely, you have much bigger problems on your hand. If you physically in front of a box, you pretty own the box anyway. That does not mean that VNC is not useful. If the Registry is reasonably secured, and no unauthorized user has access to it (and the machine is firewalled so that no one from the Internet can chip away at it), than having the weak password in the Registry is not a big deal. The risk in using VNC lies in the protocol itself. Yes, the authentication is done with hashes I believe, but these can be sniffed of the net and brute-forced (Hey Dug, when will dniff read VNC? ;) The rest goes across pretty much in clear text. It should not be much of an effort to write a sniffer that re-creates the transmitted screen info and keystrokes and displays it on the hackers PC. VNC is a nice little remote control utility. However, don't run it on sensitive servers, not without using a VPN or SSH or your favorite encrypting tunnel. Regards, Frank > -----Original Message----- > From: Bill Husler [mailto:[email protected]] > Sent: Monday, September 25, 2000 5:38 PM > Cc: Checkpoint Mailinglist > Subject: Re: [FW1] Security Implications of using VNC Viewer > /WinVNC > > > > I guess what I am hearing you say is that there is no way to > Read information from > the registry remotely and that one would have to be > physically at the console in > order to have this access (in which case, you would hardly > need VNC anyway). > Bill > > Ken McKinlay wrote: > > > A brute force attack can be made on the password if you can > gain access to > > the password in the registry. Of course, if you have access > to the registry, > > many other things as possible too :) > > > > >From an archived message on the VNC mailing mail > > (http://www.uk.research.att.com/search.html): > > > > <snip> > > The registry entry is only encrypted to prevent it from > being readable if > > you happen to have it up on your screen in regedit for some > reason, not to > > provide security (that should be done using registry > security under WinNT). > > If you have access to the Windows machine then obviously > you can change the > > password, or decrypt it > > <snip> > > > > Ken McKinlay > >) > > Extension 506 > > [email protected] > > > > -----Original Message----- > > From: Bill Husler [mailto:[email protected]] > > Sent: Monday, September 25, 2000 14:04 > > Cc: Checkpoint Mailinglist > > Subject: Re: [FW1] Security Implications of using VNC Viewer > > /WinVNC > > > > I have heard that the windows version of VNC stores the > password in an > > unprotected > > (by default) area of the registry using a simple hash and may be > > exploitable. Does > > anyone care to speak to this? > > Bill > > > > [email protected] wrote: > > > > > On Wed, 13 Sep 2000, Aaron Turner wrote: > > > > > > > Not sure where I read/found this, but I remember > hearing that people > > > > were tunnelling VNC over SSH. > > > > > > it is on the vnc website. > > > > > > http://www.uk.research.att.com/vnc/sshvnc.html > > > > > > - brett > > > > > > > > > ============================================================== > ============== > > ==== > > > To unsubscribe from this mailing list, please see > the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > > > > ============================================================== > ============== > > ==== > > > > > ============================================================== > ============== > > ==== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > > ============================================================== > ============== > > ==== > > > > > ============================================================== > ================== > > To unsubscribe from this mailing list, please see the > instructions at > > http://www.checkpoint.com/services/mailing.html > > > ============================================================== > ================== > > > > ============================================================== > ================== > To unsubscribe from this mailing list, please see the > instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================== > ================== > -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: PGP or S/MIME (X.509) encrypted email preferred. iQA/AwUBOc/byURKym0LjhFcEQL7WQCgiuetxQXZx4FiiuWJjcU/+CfPdL0AoNVt liSAkRGSJyjue2c4DKWDrCtf =dbdX -----END PGP SIGNATURE----- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|