April 14th, 2005 10:50 PM
More secure version of VNC?
Is there a version of VNC that stores its password more securely? TightVNC and RealVNC both store their password in the registry using DES, but since the key is know itís trivial to decrypt it.
April 15th, 2005 12:27 AM
Well, I found UltraVNC:
it lets me use Doman authentication, bad side is it's flaky as hell and the only platform it runs on seems to be windows.
April 15th, 2005 01:06 AM
Yep, Ultra is what I use. On top of domain auth, it offers file transfer too.
Hey Iron, wanna know another secret? No matter what you set the password in RealVNC, it will only look at the first 8 characters. Give it a try.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
April 15th, 2005 01:14 AM
I've noticed the 8 character limit, VNC it's something Iíve been researching for my presentation. Iím surprised that after all these years Real and Tight have not added more security features. Ultra is doing some work in that area, but itís only for Windows. Also, Ultraís Java client does not seem to work with MS login. Thanks Horse.
April 15th, 2005 01:19 AM
Probably because this restriction exists on Linux machines if one uses DES encryption, it's actually to do with the enryption algorithm. SHA1 would be ideal I'd suppose.
April 15th, 2005 01:40 PM
April 15th, 2005 01:53 PM
Read the first post.
Originally posted here by FlamingPacket
Try using TightVNC.
April 15th, 2005 02:01 PM
Sorry, not fully awake yet. Me = retard...
April 15th, 2005 02:21 PM
That's ok. I like tight VNC, it just does not have the options I need.
April 15th, 2005 02:28 PM
I also use TightVNC. I just keep it in my private LAN, behind firewall....
until it gets at least two layers of authenticating I don't trust it for public networks
Make your knowledge your deadliest weapon.