vnc and File Transfers - major security risk


crp

If you use TightVNC as a server on Windows (and probably its offshoots), make sure File Transfers is disabled. Especially if it is reachable via public IP space.

There are major security issues concerning File Transfers with TightVNC and Windows.

 

I don't have TightVNC server on a Linux box, so I don't know about that setup.

 

 


  • 3 months later...

They still haven't fixed the problem over at TightVNC, and I don't know if every VNC forked from it has the problem.

 

If you have File Transfers enabled, then the connecting client can copy any file. Even files in Windows\System32. And it can do so without logging into a Windows user session. It just needs the VNC connection's password, no need to know any password of a Windows user.

What makes the situation a bit worse is that passwords for TightVNC are maxed at 8 characters.


I'm looking at my password strength chart, and an 8-character password that consists of numbers, upper- and lowercase letters and symbols can be broken in 39 minutes! Not much security with that.

 

A good length for a password with numbers, upper- and lowercase letters and symbols is 11. That takes 34 years to crack. Omit the symbols and it drops to 3 years, but at least that is better than minutes. Once I saw that, I looked at my passwords and started lengthening them, if possible. Again, not everything allows you a length of 11 characters. Sad.


It would take a bit longer than 39 minutes to crack TightVNC, as it times out after 3 misses and then refuses connections from the IP address for extended periods of time if it thinks a hack is going on. But I think it would take less than a couple of days if someone was attacking a known target.

 

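The two points raised above, the 8-character cap and the crack-time estimates with and without the lockout, come down to how the classic RFB "VNC Authentication" scheme derives its DES key from the password. The script below is an added example written for this thread; it is not code from any of the posters or from the TightVNC project. It assumes the standard behaviour of that scheme as specified in RFC 6143 section 7.2.2 and as implemented by classic VNC servers: the password is cut to its first 8 bytes, null-padded, and each byte is bit-reversed before use as a DES key. The lockout model (a fixed number of misses, then a fixed block time per source IP) is a simplification of what the last post describes; the attempt rate and lockout length are assumed inputs, not values taken from TightVNC. All sample passwords are constructed.

```python
import math

# Assumption (RFC 6143 section 7.2.2 and classic VNC DES usage): only the
# first 8 bytes of the password ever reach the DES key schedule.
VNC_KEY_LEN = 8


def vnc_des_key(password: str) -> bytes:
    """Derive the 8-byte DES key classic VNC servers build from a password.

    Truncate to 8 bytes, null-pad shorter passwords, then reverse the bit
    order of every byte (the well-known VNC quirk). Characters beyond the
    8th are silently discarded, which is why longer passwords buy nothing.
    """
    raw = password.encode("latin-1", "replace")[:VNC_KEY_LEN]
    raw = raw.ljust(VNC_KEY_LEN, b"\x00")
    return bytes(int(f"{b:08b}"[::-1], 2) for b in raw)


def passwords_collide(a: str, b: str) -> bool:
    """True if two different passwords authenticate with the same DES key."""
    return vnc_des_key(a) == vnc_des_key(b)


def keyspace(charset_size: int, length: int) -> int:
    """Distinct passwords of a given length from a charset of this size.

    Because of the 8-byte truncation, an 11-character policy does not
    enlarge the space an attacker has to search; it is capped at length 8.
    """
    return charset_size ** min(length, VNC_KEY_LEN)


def offline_crack_seconds(charset_size: int, length: int,
                          guesses_per_second: float) -> float:
    """Worst-case time to exhaust the space when the attacker has captured
    a challenge/response pair and can test keys locally at full speed."""
    return keyspace(charset_size, length) / guesses_per_second


def online_crack_seconds(charset_size: int, length: int,
                         attempts_before_lockout: int,
                         lockout_seconds: float,
                         seconds_per_attempt: float = 1.0) -> float:
    """Worst-case time for online guessing against a server that allows
    `attempts_before_lockout` misses and then refuses the source IP for
    `lockout_seconds`. Only the full-lockout windows between attempts are
    charged; the attacker pays `seconds_per_attempt` for every guess.
    Both rate values are assumed, not measured TightVNC behaviour."""
    total = keyspace(charset_size, length)
    windows = math.ceil(total / attempts_before_lockout)
    return total * seconds_per_attempt + (windows - 1) * lockout_seconds


if __name__ == "__main__":
    # Constructed sample passwords: the 9th character is never used.
    print(passwords_collide("Password1", "Password"))   # True
    print(vnc_des_key("\x01").hex())                    # 8000000000000000
    # 95 printable ASCII characters, policy length 11 vs 8: identical space.
    print(keyspace(95, 11) == keyspace(95, 8))          # True
    # Three misses, then a ten-minute block, one guess per second.
    print(online_crack_seconds(95, 8, 3, 600))
```

`passwords_collide` is the check worth running against any VNC password policy: if the 9th character makes no difference to the key, the advertised length limit is the real one. The online model shows why the lockout only slows an attacker by a constant factor per window rather than changing the size of the search; whether a given target falls in days or years is set by the charset and the 8-byte cap, not by the length the user chose beyond that.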
