More secure version of VNC?
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: More secure version of VNC?

  1. #1
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897

    More secure version of VNC?

    Is there a version of VNC that stores its password more securely? TightVNC and RealVNC both store their password in the registry using DES, but since the key is know itís trivial to decrypt it.

  2. #2
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Well, I found UltraVNC:

    http://ultravnc.sourceforge.net/index.html

    it lets me use Doman authentication, bad side is it's flaky as hell and the only platform it runs on seems to be windows.

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Yep, Ultra is what I use. On top of domain auth, it offers file transfer too.

    Hey Iron, wanna know another secret? No matter what you set the password in RealVNC, it will only look at the first 8 characters. Give it a try.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    I've noticed the 8 character limit, VNC it's something Iíve been researching for my presentation. Iím surprised that after all these years Real and Tight have not added more security features. Ultra is doing some work in that area, but itís only for Windows. Also, Ultraís Java client does not seem to work with MS login. Thanks Horse.

  5. #5
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Probably because this restriction exists on Linux machines if one uses DES encryption, it's actually to do with the enryption algorithm. SHA1 would be ideal I'd suppose.
    /\\

  6. #6
    Junior Member
    Join Date
    Apr 2005
    Posts
    9
    Try using TightVNC.

  7. #7
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Originally posted here by FlamingPacket
    Try using TightVNC.
    Read the first post.

  8. #8
    Junior Member
    Join Date
    Apr 2005
    Posts
    9
    Sorry, not fully awake yet. Me = retard...

  9. #9
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    That's ok. I like tight VNC, it just does not have the options I need.

  10. #10
    Senior Member
    Join Date
    Jan 2004
    Posts
    124
    I also use TightVNC. I just keep it in my private LAN, behind firewall....

    until it gets at least two layers of authenticating I don't trust it for public networks
    Ikalo
    ------
    Make your knowledge your deadliest weapon.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides