Windows Real VNC Secure?

Discussion in 'Software' started by voodoo2k4, 19 Feb 2009.

  1. voodoo2k4

    voodoo2k4 Ghetto Modder

    Joined:
    21 Apr 2004
    Posts:
    316
    Likes Received:
    2
    Hello,

    So yer I have a beefy HTPC at home which I also use as my download box as its silent/passive/low power. Having no time at home to extract/repair all the blu rays off usenet etc I really need access to it remotely so that I can ensure Im always getting the most out of it.

    Im using Real VNC 64bit on Vista and its working well (except Vista Media Centre shows as a black screen). I have it set up with default security settings but running on a random port for connections and not using the windows password and using a standalone non-dictionary number/word password. I have a linksys wired router forwarding this random port to the HTPC.

    Is this safe enough or am I wide open to massive security issues?

    I'm not bothered if its not super bank grade secure, as nothing is. Just as long as its not blatantly asking to be hacked to pieces!

    Thanks,

    Dean.
     
  2. Stig

    Stig What's a Dremel?

    Joined:
    21 Dec 2008
    Posts:
    102
    Likes Received:
    2
    VNC is pretty secure as long as you take standard precautions. I'm sure somebody could get in if they really wanted, but then again, if somebody is really trying to break in they'll get in. Looks like you've got a pretty good setup, I wouldn't worry.
     
  3. voodoo2k4

    voodoo2k4 Ghetto Modder

    Joined:
    21 Apr 2004
    Posts:
    316
    Likes Received:
    2
    Thanks for the re-assurance. Ive rwad bits about VPN and SSH, Im not too sure on what they are or how they work. Should I look into them for peace of mind?

    Thanks,

    Dean.
     
  4. Firehed

    Firehed Why not? I own a domain to match.

    Joined:
    15 Feb 2004
    Posts:
    12,574
    Likes Received:
    16
    I doubt you really need to be that paranoid about it, so long as there's a decent password and your router isn't sticking the machine in question in the DMZ.
     
  5. Delphium

    Delphium Eyefinity enabled

    Joined:
    18 Mar 2007
    Posts:
    1,406
    Likes Received:
    35
    Sounds like your fairly pre set, however if you wished to look into vpn/ssh then read below :)

    If you would be installing either the vpn or ssh service on your vista based pc then I can recommend OpenVPN (open source freeware).
    EDIT: or even better for vpn... hamachi!! (had a brain fart earlier and forgot about it)

    And CopSSH for the ssh server as its really simple and user friendly to setup, again it freeware.
    If you are more familiar with linux then you might wish to try out Cygwin, however the setup is not so simple.

    I tend to use real VNC over SSH myself.

    Once CopSSH/Cygwin is installed and setup you may use Putty which is a free SSH client, to access the SSH server.

    You will need to setup VNC to accept localhost connections in the option page.

    With putty connecting over SSH you can create a tunnel in which your VNC traffic may flow.

    On the remote pc, the vnc connection would point to localhost:port.
    The reason for this is that the SSH tunnel will effectively mount the VNC server port on your local pc.

    Real-VNC over Cygwin-SSH using Putty Guide if using CopSSH over Cygwin then you can jump to step 3 on that page.

    Shout if you need any further help :)
     
    Last edited: 19 Feb 2009
  6. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    VNC is far from secure... Sending plaintext passwords is so... Microsoft... :D

    But, as with every home user, don't be paranoid, nobody is interested in what girl you have as a background ;)
     
  7. Delphium

    Delphium Eyefinity enabled

    Joined:
    18 Mar 2007
    Posts:
    1,406
    Likes Received:
    35
    Real VNC 4 supports 256bit DES encrtpyed password, allthough not in the free edition.
     
  8. LAGMonkey

    LAGMonkey Group 7 error

    Joined:
    4 Aug 2004
    Posts:
    1,507
    Likes Received:
    8
    i would recomend an SSH tunnel for any connection to your sever from the "outside" world. I currently have to use the SSH tunnel i set up (openSSH on linux server + Putty) to get through the opressive Aramco internal intranet so that i can type this message!

    next stop will be a HTTP tunnel so that i avoid pesky layer7 filtering (currently SSH is being tracked as SSH but with a HTTP tunnel itll look like HTTPS traffic instead! )

    Oh, and there isnt anything wrong with being a little paranoid
     

Share This Page