Results 1 to 2 of 2

Thread: securing VNC

  1. #1
    Join Date
    Apr 2009
    Posts
    27

    Question securing VNC

    I finally got VNC to work and can remotely access my server, but some of the things I have read on the Internet say that it is not very secure. Granted I only intend to use this on my home network and not outside it, but it would be good to know how to secure VNC should I need to.

    So, what steps would I take to secure the VNC connection?

  2. #2

    Default Re: securing VNC

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    VNC is definitely insecure. It has no encryption for the data going across
    at any point including authentication (username/password). On the other
    hand if you are only on your home network and you never catch a virus that
    can do evil things on your network you should be fine. In VNC's defense
    if you (in your environment at least) get a virus or other malware that
    captures unencrypted LAN traffic chances are it can also capture
    keystrokes which means your entire life is toast and not just your VNC
    connection since a keylogger will capture data sent across a secure
    channel as quickly as data sent across an open channel.

    How to you protect it? VNC can be tunneled (easily even) via SSH. If you
    are just on your network I wouldn't bother with this in most cases but in
    the real world SSH from your client machine to the server and forward a
    port from your side (5901 for example) to the server's port (probably
    5901). Once done you just VNC to your local box on 5901 and your traffic
    is sent securely to the server's port 5901. You'll need to find out which
    port you need for VNC and forward that one.

    Good luck.





    Z K wrote:
    > I finally got VNC to work and can remotely access my server, but some of
    > the things I have read on the Internet say that it is not very secure.
    > Granted I only intend to use this on my home network and not outside it,
    > but it would be good to know how to secure VNC should I need to.
    >
    > So, what steps would I take to secure the VNC connection?
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.9 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iQIcBAEBAgAGBQJKQo4HAAoJEF+XTK08PnB5aRYP+gPxn9uZ7EpDHvadGWhKcFYU
    iVKAoR1CNioFZtyNCTm18fpaCPMN/smVDPkTTzyF3wHOf0c/3HfvdiEBFOnfMrHc
    GlRUCWOg6LNi9eSz22uElqwjJVO1CSClj8DEP9H8K9SSpnuMqtTHfIBDTgCh0rWd
    SETKAGdxWCqV0v6vNgxZ3tDBa26jsRYOJAnbXlyqDIYCYWUAbFIvbH0dfhrEieO+
    qVtpR/0WiAA55gl8UhtUbiegxaBUSChHIh5megU3aEciB10nylNfO1YPL4LD+xyb
    /X4/MUKN3wtBUU/UGTz4BpRI9PEStyanA1NdPM3gX8noIYmyK+1/llt7+SXTk335
    CKKjYTMicXhWWxRxGs/mm4I+03+t7fzDUdsPC6FzfSlCZ4wyO5jGuug6OHXzqZ6O
    XBC2uLi6h4WbWr0p7PBP/Mg3JdH5gnOaEIDiTVUxF6oYzb0sGtVTV7bTWDY0sRw3
    HktTH+vPU4em7ufYPTJ7ajc6wDrxhlr/+w1QijmYy65linIYabaC9lZfwe1V21wr
    g+bpTERrjuRXWSCNxOk0nl+014guHd0kO3vJjLRI1EsrBdDq0t+eahaWKbV/etve
    ytgQF8hPUiQRMsDfwSAH1QtwrrCLgR0RjDhTsI7fmyy4tHxTL5n5jcS8dVzcgSMz
    AR5ntj2EinpjjnsLwrnL
    =rziF
    -----END PGP SIGNATURE-----

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •