1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

VNC Security

Discussion in 'General Security' started by Tabvla, Sep 25, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. Tabvla

    Tabvla Thread Starter

    Joined:
    Apr 10, 2006
    Messages:
    2,554
    Question : Is it possible to really make VNC secure ?

    I am currently looking at a technology that uses a loopback Localhost (127.0.0.1) connection together with Blowfish encryption to secure a VNC session.

    The procedure appears to be secure but I don't have sufficient practical knowledge of VNC to assess whether this solution really is 100% failsafe.

    Below is an overview of the solution. Comments from those with practical VNC experience would be most appreciated.

    TiA

    Overview of the VNC Secure Procedure

    1. This procedure provides a secure wrapper around VNC operation.

    2 VNC is configured so that it will only accept connections from localhost (127.0.0.1). This means that there are no open ports on to the Internet or LAN and that VNC will only accept connections from the computer on which it is hosted. There is no requirement to modify your firewall to forward VNC port requests to your computer. The software acts as a proxy running on a localhost connection with VNC. There is no inbound open ports.

    3. All communication between the VNCViewer and the WinVNC server are encrypted using Blowfish with a 128-bit encryption key. This communication includes both the authentication of the VNC connection as well as all of the screen/mouse/keyboard updates.

    4. Unlike the normal VNC server, the Share cannot be operated remotely and does not support unattended sessions. It requires the presence of a person on the Share computer to accept the session request from the person doing the Access.

    5. Each time a session is executed a unique 12-digit Access Code is generated for the session. This Access Code is hashed to generate the 128-bit encryption key used by Blowfish. Thus, each session has a different encryption key. This is unlike VNC in which the same authentication password is used for each connection.

    6. Because there are no open ports on the client computers, the process is protected from SYN floods or other forms of DOS attacks. This would, for example, be possible with a traditional VNC server which opens a port through the firewall and sits there listening on a port. Since we don't require open TCP ports that anyone on the net can connect to (i.e. open to SYN flood attacks), we're not vulnerable. We provide extra protection for the Share which is executing WinVNC because we allow only loopback (localhost on 127.0.0.1) connections. It is impossible for an outside computer to connect directly to WinVNC.
     
  2. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,578
    Can you elaborate on point 4. How does the remote person request access to the 'share' ? Since you say in point 6 that there are no open ports, then how does a remote person request access?
     
  3. Tabvla

    Tabvla Thread Starter

    Joined:
    Apr 10, 2006
    Messages:
    2,554
    Good question LunarLander (y)

    I will run some tests on that and see exactly how the "share" is initiated.
     
  4. Tabvla

    Tabvla Thread Starter

    Joined:
    Apr 10, 2006
    Messages:
    2,554
    Hi LunarLander

    Further investigation indicates that the following procedures are in place.

    A VIPtunnel through HTTP using port 80 is used. For Peer to Peer and UDP traffic a randomly selected port above 1024 is used. A secure server sits between the shares. This server uses WinVNC and VNCViewer to facilitate the communication.

    The emphasis seems to be on semantics wherein a "secure connection" is differenciated from a "secure system". To quote from the documentation....

    ".... an open port is required for a peer-to-peer connection but this connection is one-way in the outbound direction..... once the connection is made it is very secure..... if all ports are locked down then a relay connection is used which does not require any open ports..."

    My lack of indepth knowledge of VNC prevents me from accurately assessing as to whether this procedure is secure or just "smoke-and-mirrors" :confused:

    T.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/753176

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice