Re: [tlug] VNC and security

[Joe Larabell <fred62@???>]

> 1. If I need to leave my SSH server running to listen for SSH
> connections, why is that more secure than leaving my VNC server running
> to listen for VNC connections?

For one thing, I've heard VNC makes no real attempt to encrypt its
password. If that's true, your password could be compromised fairly
easily.

Second, VNC requires *only* a password, SSH uses both a username AND a
password. Presumably, the bad guy would have to guess both correctly.

Third, my gut tells me SSH has had more eyeballs scrutinizing it for
possible security holes than VNC -- but that may just be paranoia on my
part.

Lastly, two open ports are twice as likely to be discovered and
compromised than one.

> 2. I tried changing my SSH connection in Putty to use a different port
> than 8443. But it doesn't seem to connect on any other port, despite all
> my attempts to open the other port on my router and my firewall. Is 8443
> dedicated to SSH or something?

I'm sure this goes without saying but your wording suggests it's better
said than missed: when you changed ports, you changed *both* sides, right?
Not just Putty?

Putty supports telnet. You could connect to your server on the supposed
new SSH port but using telnet protocol and see if you get a string from
the other side that starts with 'SSH...'. That may not tell you much but
if you see the string, port closure is probably not the problem.

---
Joseph L (Joe) Larabell            Never fight with a dragon
http://larabell.org                     for thou art crunchy
                                  and goest well with cheese.