Technology :: Security

just before lunchtime on Tuesday, the 22nd of January 2008 by Capt Jake Fortune

Started to write a post about VNC but found one that said all I was going to.

If you need to provide remote desktop access to your organization’s Windows machines, and care even a little bit about IT security, do NOT use VNC. The Windows built-in Remote Assistance / Remote Desktop tools are a far better choice. This may seem obvious, but I still find organizations running VNC servers all over the place, usually for the helpdesk to provide users with remote troubleshooting. This can leave an environment ripe for compromise.
VNC has a few fundamental weaknesses:

  • Most implementations do not require a username for authentication, and the password is stored in the registry using a trivial hashing mechanism. VNCcrack or Cain will instantly crack these hashes.
  • There is typically no client-side confirmation or acknowledgment required for a VNC session to be established between a server and viewer, which can leave a user unaware that their activity is being monitored.
  • Most significantly, because there’s no simple way to centrally manage VNC servers, administrators will typically use the same VNC password for every host to facilitate configuration and deployment. So if you compromise one Windows box through local vulnerabilities and gain access to its registry, you can obtain a VNC password that will work on every other machine in the environment. Not good.

I write and support remote access security software for Windows environments called WiSSH – Windows over SSH. What it does is tunnel the Microsoft Remote Desktop protocol (RDP) over the standard SSH protocol. Very fast, very easy, very secure.

I keep wanting to make a version of WiSSH that supports VNC, mainly to allow you to remote-control Linux and Mac systems through the same interface used in WiSSH. VNC is also a remote desktop style protocol. I’ve used it in the past for several reasons, but it is not nearly as robust and secure as RDP. I am still actively working on this and hope to have it ready soon. However, all the security faults seem to be on the host side, not the client side. So my part of the equation will be clean at least.
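As an added example (not from the original post, the quoted post, or WiSSH), here is a defender-side check for the third weakness in the list above, one VNC password reused on every host. VNC servers store the password encrypted under a fixed key with no per-host salt, so two hosts with identical stored blobs share a password; comparing the blobs from `reg query` output across an inventory finds reuse without cracking anything. The registry key path is the one RealVNC 4 uses (an assumption; other servers use other keys), and the host names, blobs and `reg query` output are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample: output of `reg query <vnc key> /v Password` as it might be
# collected from five hosts. The key path is the RealVNC 4 one (assumption); the
# REG_BINARY blobs are placeholder bytes, not real stored passwords.
SAMPLE_REG_OUTPUT = {
    "ws01": "\nHKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\n"
            "    Password    REG_BINARY    0102030405060708\n",
    "ws02": "\nHKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\n"
            "    Password    REG_BINARY    0102030405060708\n",
    "ws03": "\nHKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\n"
            "    Password    REG_BINARY    0807060504030201\n",
    "ws04": "ERROR: The system was unable to find the specified registry key or value.\n",
    "ws05": "\nHKEY_LOCAL_MACHINE\\SOFTWARE\\RealVNC\\WinVNC4\n"
            "    Password    REG_BINARY    0102030405060708\n",
}

_PASSWORD_LINE = re.compile(r"^\s*Password\s+REG_BINARY\s+([0-9A-Fa-f]+)\s*$", re.M)

def extract_blob(reg_output: str):
    """Return the stored VNC password blob (hex) from `reg query` output,
    or None when the host has no such value (no VNC server, or not configured)."""
    m = _PASSWORD_LINE.search(reg_output)
    return m.group(1).upper() if m else None

def find_reuse(per_host: dict):
    """Group hosts by identical stored blob. Because the blob is the password
    encrypted under a fixed key with no salt, equal blobs mean equal passwords.
    Returns {blob: [hosts]} only for blobs seen on more than one host."""
    by_blob = defaultdict(list)
    for host, output in per_host.items():
        blob = extract_blob(output)
        if blob is not None:
            by_blob[blob].append(host)
    return {blob: sorted(hosts) for blob, hosts in by_blob.items() if len(hosts) > 1}

def report(per_host: dict):
    """Findings as text lines: which hosts run VNC at all, then each reuse cluster."""
    lines = []
    vnc_hosts = sorted(h for h, o in per_host.items() if extract_blob(o) is not None)
    lines.append(f"VNC password configured on {len(vnc_hosts)} host(s): {', '.join(vnc_hosts)}")
    for blob, hosts in sorted(find_reuse(per_host).items()):
        lines.append(f"SHARED password blob {blob[:4]}... on {len(hosts)} hosts: {', '.join(hosts)}")
    return lines

if __name__ == "__main__":
    print("\n".join(report(SAMPLE_REG_OUTPUT)))
```

Every host listed in a shared cluster is reachable with the same VNC password as its cluster mates, which is exactly the exposure the quoted post describes; the blob is never decrypted, only compared.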
