ATT Labs VNC Vulnerable To Attack

Not a lot of info here - is this some newly discovered vulnerability? It's pretty well documented in the VNC FAQ that this is possible. Are there now known middle-player tools or attack strategies or is this just a warning to underline already known design limitations?

If WINVNC is used correctly and secured correctly it is safer than most products on the market. VNC's website offers customizations that allow to be extremely secure even with no encryption on a private/internal network.

First off, Install VNC using the default install and then install it as a service (On all 95, 98, NT, 2000 machines).

Follow the directions on the VNC website to secure the listening server using the following.

Authhosts registry setting.
This allows the listening server to only accept connections from a specific IP address or IP address range

Accept/Deny Query registry setting
This allows the listening server to display an Accept or Deny message to the user/machine one is trying to control

Instruct the person sitting on the listening end that an agreement should be made prior to initiating any remote control session either by phone or communicate that the session will occur at a specific time. Come up with a stragedy to keep unauthorized remote control from occuring.

Have the person on the listening end change the password frequently.

Typically a legit. support call will be initiate with a phone call. At that time a support person can instruct the user to change the password.

Install Intrusion Detection Software to monitor any IP's which maybe trying to listen in or attack a particular individual.

Following the above steps will ensure security in using VNC as an open source package for performing essential remote support.

Please contact if you would like the above formalized

Chris Arsenault, MCP
chrisamcp@hotmail.com
Network Administrator
Houston, TX