April 14th, 2005, 11:50 PM
More secure version of VNC?
Is there a version of VNC that stores its password more securely? TightVNC and RealVNC both store their password in the registry using DES, but since the key is know itís trivial to decrypt it.
April 15th, 2005, 01:27 AM
Well, I found UltraVNC:
it lets me use Doman authentication, bad side is it's flaky as hell and the only platform it runs on seems to be windows.
April 15th, 2005, 02:06 AM
Yep, Ultra is what I use. On top of domain auth, it offers file transfer too.
Hey Iron, wanna know another secret? No matter what you set the password in RealVNC, it will only look at the first 8 characters. Give it a try.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
April 15th, 2005, 02:14 AM
I've noticed the 8 character limit, VNC it's something Iíve been researching for my presentation. Iím surprised that after all these years Real and Tight have not added more security features. Ultra is doing some work in that area, but itís only for Windows. Also, Ultraís Java client does not seem to work with MS login. Thanks Horse.
April 15th, 2005, 02:19 AM
Probably because this restriction exists on Linux machines if one uses DES encryption, it's actually to do with the enryption algorithm. SHA1 would be ideal I'd suppose.
April 15th, 2005, 02:40 PM
April 15th, 2005, 02:53 PM
Read the first post.
Originally posted here by FlamingPacket
Try using TightVNC.
April 15th, 2005, 03:01 PM
Sorry, not fully awake yet. Me = retard...
April 15th, 2005, 03:21 PM
That's ok. I like tight VNC, it just does not have the options I need.
April 15th, 2005, 03:28 PM
I also use TightVNC. I just keep it in my private LAN, behind firewall....
until it gets at least two layers of authenticating I don't trust it for public networks
Make your knowledge your deadliest weapon.