[Sussex] unauthorised ssh attempts

Tony Austin tony at gigaday.com
Fri Aug 20 16:10:16 UTC 2004


Thanks for your info.

> Don't leave VNC open - that is an insecure protocol. Tunnel it over ssh
> instead.

Am I right in thinking that the insecurity that you refer to is someone
between A and B using a packet capture and then reverse engineering the
screen refreshes?

If so, how much of a risk is this really?  It sounds like quite a bit of
trouble to me - someone inside an ISP specifically targeting my packets;
it doesn't sound that easy to do, the sort of thing that would only be
directed at "high value" targets.

Or am I being naive?


Tony Austin
Gigaday Computing Limited
tony at gigaday.com

More information about the Sussex mailing list