heads up, folks: random vnc (remote desktop) attempts
H.S.
hs.samix at gmail.com
Mon Feb 16 02:37:46 UTC 2009
Norberto Bensa wrote:
> On Sun, Feb 15, 2009 at 11:08 PM, H.S. <hs.samix at gmail.com> wrote:
>> Lesson: looks like there are rogue attempts to open a vnc connection on
>> random IP addresses. This is akin to random attempts at trying to
>> connect via the SSH port that many people may have noticed in
>> /var/log/auth.log. So folks, just do not setup your remote desktop
>> without some sort of security, preferably both password and permission
>> prompt.
>
> I'm sorry, but this is not news. rdp, vnc, ssh, telnet, etc. are been
> exploited since ages.
I do not run telnet or rdp or most other services. Ionly run SSH on my
machine. And apache on a webserver machine. That's about it. I started
using VNC the way I described earlier only this very first time. But as
a best practice, I asked my friend to enable the prompt for permission
as we were not using password at that time.
>
> You should never run services without security. In the case of vnc,
> run it through ssh, and run ssh with keys (not passwords.)
Already do so. Some with and others without passwords. Tunneling the
various services through SSH has been one of the most wonderful things I
discovered when I started Linux some years ago. I have even installed
Cygwin in some windows machines which I connect using a VNC client.
Does Canonical provide anything similar to Cygwin?
Regards.
--
Please reply to this list only. I read this list on its corresponding
newsgroup on gmane.org. Replies sent to my email address are just
filtered to a folder in my mailbox and get periodically deleted without
ever having been read.
More information about the ubuntu-users
mailing list