heads up, folks: random vnc (remote desktop) attempts
Chris Mohler
cr33dog at gmail.com
Mon Feb 16 21:23:53 UTC 2009
On Tue, Feb 17, 2009 at 2:21 PM, H.S. <hs.samix at gmail.com> wrote:
> NoOp wrote:
>
>> As you know by now, 5900 is a well known port that is scanned for
>> regularly. See some of the previous threads on this, but you can easily
>> change the port number to make it a little less obvious for script
>> kiddies etc. if you just need to get in and out briefly.
>>
>> http://isc.sans.org/port.html?port=5900
>>
>>
>>
>
> Thanks for interesting URL.
>
> Just out of curiosity, apart from the rogue user actually opening the
> desktop and fiddling with the user's files and folders, in what other
> way can this be exploited in relation to vino (the service that runs in
> Ubuntu for remote desktop)?
One bad scenario:
1. Open terminal
2. Install rootkit
3. Join botnet/spam network
Chris
More information about the ubuntu-users
mailing list