Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Security and VNC Ports

Post Reply
BillInt2000

Security and VNC Ports

Post by BillInt2000 »

Excuse this if it seems to be a dumb question, but is UltraVNC and the ports that are opened for it easily exploitable? In your (whoever might wish to answer) opinion, is leaving UltraVNC running as a service kind of leaving a gaping hole in the networks security???
(Im speaking of this as if it were being used by someone connecting from home as opposed to within the LAN)

thx
Top
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6862
Joined: 2004-04-23 10:21
Contact:
Contact Rudi De Vos

Post by Rudi De Vos »

The pasword is to weak, for internet use and permanent running server
you need to use an encryption plugin.
Top
sbest
20
20
Posts: 49
Joined: 2005-06-12 01:51
Contact:
Contact sbest

Post by sbest »

Bill:

Heya. Not a dumb question at all. Here's how to think about it: an open-port, by itself, isn't dangerous. What's dangerous is the stability of the software *listening* to network traffic on that port. All the encryption in the world won't help against attacks on a poorly written application listening on an open port.

Fortunately, and to answer your question, VNC has no known exploits that cause it to be a liability when listening to an open port. EchoVNC can enable VNC connections without any open ports, if it's still something you're unsure about.

cheers,
Scott
Top
Post Reply

Return to “Old messages”