To round out UltraVNC's features, I would like to see the following:
- Anti-hammering
- temporary ban after xx attempts and ban length (minutes, hours, days, weeks, months, years)
- permanent ban after xx attempts
- blacklist editor for temporary and permanent bans
- Auto-ban based on locale (eg: Ukraine originated attempts)
- Optionally display a pop-up, and/or play a user-configurable sound (Windows sound event) when an IP address...
- is added to the ban list
- on the ban list, attempts to connect, and is blocked
- Accept/Reject connect requester: add IP address to temporary ban list, using configurable ban length
The time delay security feature is great, because miscreants only ever try two or three times before giving up (using the same originating IP address). The encryption plugin is also a great way to make things far more difficult for miscreants.
After more 2 000 000 (two million) views on forum for 1.5.0.x development versions... and 1.6.1.0, 1.6.3.0-dev versions
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is always welcome
2025-12-05: Celebrating the 23th anniversary of the UltraVNC (26th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38130
2025-12-03: Could you please complete our poll/survey? Renaming UltraVNC files and service to be more clear: https://forum.uvnc.com/viewtopic.php?t=38128
There was a problem to vote, it is solved now! Thanks in advance!
2025-12-02: We need help: English Wikipedia UltraVNC page has been requested to deletion: https://forum.uvnc.com/viewtopic.php?t=38127
Any help is welcome to improve the UltraVNC page and/or to comment on the Wikipedia Talk page
2025-05-06: Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
2023-09-21: Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Development: UltraVNC development is always here... Any help is welcome
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
A new stable version, UltraVNC 1.6.4.0 and UltraVNC SC 1.6.4.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38095
Feedback is always welcome
2025-12-05: Celebrating the 23th anniversary of the UltraVNC (26th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38130
2025-12-03: Could you please complete our poll/survey? Renaming UltraVNC files and service to be more clear: https://forum.uvnc.com/viewtopic.php?t=38128
There was a problem to vote, it is solved now! Thanks in advance!
2025-12-02: We need help: English Wikipedia UltraVNC page has been requested to deletion: https://forum.uvnc.com/viewtopic.php?t=38127
Any help is welcome to improve the UltraVNC page and/or to comment on the Wikipedia Talk page
2025-05-06: Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
2023-09-21: Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Development: UltraVNC development is always here... Any help is welcome
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Increased security
Re: Increased security
Agreed that would be valuable to have, but 99% of this issue goes away if you use an obscure high numbered listening port. Then only those who are actually targeting you (as opposed to opportunistic drive-bys) are tempted to "hammer" on the login.
-
Tristan Young
- Posts: 4
- Joined: 2009-01-26 16:02
Re: Increased security
What is the highest port number that can be used?
This is one of those questions I've been meaning to research, but never really remembered to because something else more important always comes up.
I agree with you, and thought of changing the port. I'll probably do that, but it would still be nice to have a ban system in place.
This is one of those questions I've been meaning to research, but never really remembered to because something else more important always comes up.
I agree with you, and thought of changing the port. I'll probably do that, but it would still be nice to have a ban system in place.
Re: Increased security
As far as I know, about 65535. (The top end of possible IPv4 TCP port numbers.) But picking something more random is a lot better in the quest for obscurity.
I think your antihammering idea is best used in CONJUNCTION with high port numbers and, much more importantly, good encryption, DSMPlugins, VPN, ssh, tokens, etc.
I think your antihammering idea is best used in CONJUNCTION with high port numbers and, much more importantly, good encryption, DSMPlugins, VPN, ssh, tokens, etc.
-
Tristan Young
- Posts: 4
- Joined: 2009-01-26 16:02
Re: Increased security
I merely wanted to know the range I could choose from. I'd never go for the highest number.
I like the idea of coupling both random numbers and ban list.
I guess I'm used to anti-hammering from running an FTP server, and back in my early days when I ran a BBS. I wrote anti-hammering measures because people would attempt to crash the gate, so to speak.
I like the idea of coupling both random numbers and ban list.
I guess I'm used to anti-hammering from running an FTP server, and back in my early days when I ran a BBS. I wrote anti-hammering measures because people would attempt to crash the gate, so to speak.
Re: Increased security
Sure. I agree with you; in my opinion such "throttling" should have been in place in VNC starting in its first days at AT&T / Olivetti in the UK. It's pretty rudimentary.
By the way, I wouldn't be surprised if UltraVNC DOES already have such a facility -- I've never checked or tested.
By the way, I wouldn't be surprised if UltraVNC DOES already have such a facility -- I've never checked or tested.