Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

VNC Security issues

This forum is for VNC related products | This means not only UltraVNC | It even is allowed to announce or describe commercial (and of course non-commercial) programs here (but not anywhere else in the forum)
Post Reply
tog
Posts: 1
Joined: 2012-12-14 14:49

VNC Security issues

Post by tog »

Hi

I am using Ultra VNC Server and Viewer, when I push the Server to the clients I want to lock down the Properties so clients cannot make changes on there pc. As of now when I right click on Ultra VNC Server I can make any changed I want including the passswords.

Thanks for your Help

Tristan
Bonji
100
100
Posts: 339
Joined: 2008-05-13 14:54

Re: VNC Security issues

Post by Bonji »

I am using Ultra VNC Server and Viewer, when I push the Server to the clients I want to lock down the Properties so clients cannot make changes on there pc. As of now when I right click on Ultra VNC Server I can make any changed I want including the passswords.
Change the "AllowProperties" property in the ultravnc.ini to a value of 0. There are lots of other settings in there that you may want to tweak as well.

I'm sure that the vnc session I'm using from work is using SSH tunneling, so I'm sure that is secure, but I was wondering if having a vncserver running will allow people to connect to it without using ssh. i.e. could they brute force my vnc username and password to obtain a connection to my computer?
Assuming the encryption is decent, SSH tunneling is secure. I would highly recommend using the DSM encryption plugin that encrypts all of uVNC's communications. With this plugin, your password cannot be brute-forced until they get through the encryption component which would require the correct key.
-Ben
Post Reply