FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 02-16-2009, 12:08 AM
"H.S."
 
Default heads up, folks: random vnc (remote desktop) attempts

Hi,

A few weeks ago I was helping a friend fix a few quirks with his brand
new machine and Ubuntu install (64 bit, newest version, Jaunty?). So I
asked him to start his remote desktop (VNC) with no password but which
required his permission to let a client connect to his desktop.

He forwarded port 5900 on his router to his machine and all worked well.
I was able to see his desktop successfully.

We did our work and thought nothing about it later.

It turns out that after a few days he noticed some unexplainable IP
address requesting to see his desktop. He knew it was not me. He
immediately denied the request and removed the port forwarding on his
firewall for good measure.

Since then, he just has his SSH port forwarded and I tunnel VNC
connection through it. This is the most secure way I can think of at
present to do this.

Lesson: looks like there are rogue attempts to open a vnc connection on
random IP addresses. This is akin to random attempts at trying to
connect via the SSH port that many people may have noticed in
/var/log/auth.log. So folks, just do not setup your remote desktop
without some sort of security, preferably both password and permission
prompt.

Regards.

--

Please reply to this list only. I read this list on its corresponding
newsgroup on gmane.org. Replies sent to my email address are just
filtered to a folder in my mailbox and get periodically deleted without
ever having been read.


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-16-2009, 12:15 AM
Chris Mohler
 
Default heads up, folks: random vnc (remote desktop) attempts

On Mon, Feb 16, 2009 at 7:08 PM, H.S. <hs.samix@gmail.com> wrote:

>So folks, just do not setup your <insert_any_service_here> without some sort of security

There, fixed that for you

Chris

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 02-16-2009, 12:24 AM
Norberto Bensa
 
Default heads up, folks: random vnc (remote desktop) attempts

On Sun, Feb 15, 2009 at 11:08 PM, H.S. <hs.samix@gmail.com> wrote:
> Lesson: looks like there are rogue attempts to open a vnc connection on
> random IP addresses. This is akin to random attempts at trying to
> connect via the SSH port that many people may have noticed in
> /var/log/auth.log. So folks, just do not setup your remote desktop
> without some sort of security, preferably both password and permission
> prompt.

I'm sorry, but this is not news. rdp, vnc, ssh, telnet, etc. are been
exploited since ages.

You should never run services without security. In the case of vnc,
run it through ssh, and run ssh with keys (not passwords.)

Regards,
Norberto

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 11:56 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org