OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Re[2]: ssh server for WinNT
From: Brad Guillory (roundbaileylink.net)
Date: Tue Jun 27 2000 - 18:24:13 CDT

VNC passwords are encrypted but the data is not. This means that
if you enter a password after the session is setup (i.e. to log into
the NT box) your password is snoopable.

BMG

On Tue, Jun 27, 2000 at 10:34:34AM -0500, James Wyatt wrote:
> A lot of useful things can be done with CLI on NT, especially when your
> scripting is in Perl...
>
> Couldn't you also use SSH to tunnel the VNC traffic, protecting it from
> snooping and providing multiple passwords for multiple users? I thought
> VNC passwords were sent clear and not rate-limited to prevent cracking.
>
> Just my 2 bits - Jy
>
> On Tue, 27 Jun 2000, Gabriel Ambuehl wrote:
> [ ... ]
> > Tuesday, June 27, 2000, 4:39:29 PM, you wrote:
> > > Since when is putty a ssh server? I coulda sworn it was a telnet/ssh1/etc
> > > client... but then again i have been wrong before :P
> >
> > You're right. It IS just a client. I'm just doubting how much sense a
> > ssh server for NT would make. Ok, you can control many of the network
> > stuff from CLI but beside that, you'd still have the need for a
> > solution such as VNC or PcAnywhere to control the settings only
> > avaiable by the GUI (one could argue that's possible to control the
> > system by hacking the registry which should be doable from CLI but who
> > would be so masochistic? ;-).
> [ ... ]
>
>
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message 

-- 
    __O    |     Information wants to be free!     |     __O    Bike
  _-\<,_   |  FreeBSD:The Power to Serve (easily)  |   _-\<,_    to
 (_)/ (_)  | OpenBSD:The Power to Serve (securely) |  (_)/ (_)  Work

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message