How do I set up a safe/secure connection with RealVNC?

BZeto

Platinum Member
Apr 28, 2002
2,428
0
76
I'm going to use RealVNC to control my home computer from work. I haven't played with the VNC server yet, but I assume there are some security options. Other than setting a good password, what else can I do to make sure no one else but me can control my home computer remotley? Also, how hard is it for attackers to find my computer running vnc and break the password?

Thanks.
 
 

BZeto

Platinum Member
Apr 28, 2002
2,428
0
76
I think I can do that with my Buffalo router. But I was looking to find out just how secure doing it without a VPN and just setting a password would be. Or what basic VNC settings there are to increase security.
 

Goosemaster

Lifer
Apr 10, 2001
48,775
3
81
Originally posted by: BZeto
I think I can do that with my Buffalo router. But I was looking to find out just how secure doing it without a VPN and just setting a password would be. Or what basic VNC settings there are to increase security.

hamachi.cc sets up a fantastic VPN (SSL VPN if you know what that means) for you painlessly. It requries a local isntall though, and that might be agaisnt company policy.


If you have xp pro aat home have you considered RDP? There is server side code you can post on a webhost that can let you access your pc via internet explorer.

As for securing REALVNC, I would use ultra VNC and the RC4 plugin. That and setup an ssh tunnel or something.
 

RebateMonger

Elite Member
Dec 24, 2005
11,586
0
0
Originally posted by: BZeto
Also, how hard is it for attackers to find my computer running vnc and break the password?
The simple fix to password cracking is LONG passwords / pass-phrases. Make your passwords 15 characters or longer and include some non-alphanumeric characters. It's REALLY easy to come up with LONG, easy-to-type, easy-to-remember, but "impossible" to break passwords. Just so they are LONG.

For instance, something like ==> "Green would paneling".
This 21-character password, with two spaces between "Green" and "would", would take a LONG time to crack with any dictionary cracker. But it's simple to type and remember.

Windows XP and Server 2003 allow passwords up to 256 characters long, and allow almost any conceivable character to be used. It's too bad banks and other institutions are still stuck on 7-character-max passwords, which are easily cracked with dictionary attacks.
 

jlazzaro

Golden Member
May 6, 2004
1,743
0
0
Originally posted by: RebateMonger
For instance, something like ==> "Green would paneling".
This 21-character password, with two spaces between "Green" and "would", would take a LONG time to crack with any dictionary cracker.

never use dictionary words, i dont care how many spaces you have inbetween them. be it an AD login or a VNC password, a series of random letters/numbers/special characters will always do you better.
 

RebateMonger

Elite Member
Dec 24, 2005
11,586
0
0
While using non-dictionary words certainly adds to security, almost ANY long pass-phrase gets rid of the easily guessed 7-character names that are the subject of common password attacks. Delays built into most authentication programs will result in a VERY long attempt to break a 20-character password.
 

MrWizzard

Platinum Member
Mar 24, 2002
2,493
0
71
I have used VNC on my LOCAL Net, the long password idea will not work sorry.

At least with VNC. It will let you use a long password when you enter the password you want to set but it only cares about the first 6 or 7 characters, all you have to do is enter the first 6 or 7 characters of the password when connecting and it accepts it.

Why don't you try the whole gotomyPC.com thing, they have a free 30 day trial....

EDIT: they might have a newer build out that fixes the PW problem though.