From owner-freebsd-questions  Wed Sep 11 19:35:54 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EE97637B400
	for <freebsd-questions@freebsd.org>; Wed, 11 Sep 2002 19:35:51 -0700 (PDT)
Received: from mta02.mail.mel.aone.net.au (mta02.mail.au.uu.net [203.2.192.82])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C71FB43E6A
	for <freebsd-questions@freebsd.org>; Wed, 11 Sep 2002 19:35:50 -0700 (PDT)
	(envelope-from rbyrnes@ozemail.com.au)
Received: from ausyddtp0050.ozemail.com.au ([203.166.67.234])
          by mta02.mail.mel.aone.net.au with ESMTP
          id <20020912023549.KEWI21554.mta02.mail.mel.aone.net.au@ausyddtp0050.ozemail.com.au>;
          Thu, 12 Sep 2002 12:35:49 +1000
Message-Id: <5.1.0.14.2.20020912123436.03b4dec0@pop.ozemail.com.au>
X-Sender: rbyrnes@pop.ozemail.com.au
X-Mailer: I wish it was Linux
Date: Thu, 12 Sep 2002 12:40:22 +1000
To: erk! <tapeworm@insekta.org>
From: Rob B <rbyrnes@ozemail.com.au>
Subject: Re: tridiavnc security info?
Cc: freebsd-questions@freebsd.org
In-Reply-To: <20020911085519.0ba22ca6.tapeworm@insekta.org>
References: <20020911090529.C7198@seekingfire.com>
 <20020911090529.C7198@seekingfire.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

At 08:55 11/09/2002 -0700, erk! sent this up the stick:

>i'm curious, however, if anyone knows of specific security issues to
>watch for/protect against when doing this.  i'm not so worried about
>whether or not the windows box gets compromised, but i'd like to keep my
>freebsd box, which is my main desktop, protected as much as possible.
>i'm not familiar at all with the method that tridia uses to connect
>remotely, so any info here would be appreciated.

AFAIK, all passwords used to connect to VNC are in the clear, so I tunnel 
my VNC client through an ssh session.

         WinNT (work)                                            client machine
         VNC Client ---> PuTTY -----> internet -----> Unix box -----> VNC 
Server

This is really only worth doing if your VNC session is going over the 
internet.  For internal stufff, I wouldn't worry.  Use one of the firewalls 
included in FreeBSD to protect that box.

Cheers,
Rob

--
Bored people are boring people.

This is random quote 230 of a collection of 1251
[15200.8 km (8207.8 mi), 262.8 deg](Apparent) Rennerian


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message