[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Can I add KVNC to kdenetwork?
From:       Richard Moore <rich () ipso-facto ! freeserve ! co ! uk>
Date:       2000-05-28 15:43:07
[Download RAW message or body]



tibirna@kde.org wrote:
> 
> On Sat, 27 May 2000, Richard Moore wrote:
> 
> > > Excellent. One question though. Did you follow the security discussions
> > > concerning VNC clients? Sorry for not being able to give more details, I
> > > didn't follow those discussions closely.
> >
> > Where did these discussions occur? I have read several on the vnc
> > mailing list which have all concluded it is safe, but I left that
> > list a while because there was far too much junk on it.
> 
> Either on Bugtraq or on security-audit
> (security-audit@ferret.lmh.ox.ac.uk).
> 
> Sorry, I lump them together. Discussion occured 5-15 days ago and I didn't
> pay too much attention. Was something about client having lax code that
> allowed compromising servers.

I found a report that said that the password system was open to
brute force attacks. Is that what you mean? The password is never
sent across the net in clear so it should be pretty secure. You
can also use SSH, thought the procedure is quite contrived.

Rich.


> 
> --
> Cristian Tibirna     : ctibirna@total.net     : www.total.net/~ctibirna
> PhD Student          : ctibirna@gch.ulaval.ca : web.gch.ulaval.ca/~ctibirna
> KDE contact - Canada :  tibirna@kde.org       : www.kde.org

-- 
     Richard Moore		rich@ipso-facto.freeserve.co.uk
http://www.robocast.com/	richard@robocast.com
http://developer.kde.org/	rich@kde.org

[prev in list] [next in list] [prev in thread] [next in thread]