
Re: [Xen-users] XEN domUs and X11 (maybe not Xen-related)


  • To: Javier Guerra Giraldez <javier@xxxxxxxxxxx>
  • From: Nico Kadel-Garcia <nkadel@xxxxxxxxx>
  • Date: Fri, 18 Jan 2008 06:36:40 +0000
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 17 Jan 2008 22:37:17 -0800
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

Javier Guerra Giraldez wrote:
> On Thursday 17 January 2008, Nico Kadel-Garcia wrote:
>> This is a serious security issue with lots of VNC based tools, such as
>> most remote KVMs. It mandates that you use a good screenlock on the VNC
>> server's X session, in case you walk away and come back. Xen default
>> setups attempt to deal with this somewhat by restricting those VNC
>> clients to access from the Dom0 itself. But woe betide the admin who
>> opens it up for remote management and fails to protect their X session!
>
> Being a non-encrypted protocol, I guess anyone that uses it remotely without some kind of VPN is already exposing too much.

Oh, goodness, yes. The VNC password is exchanged encrypted, but passwords after that are... at some small risk. This is why a thoughtful and secure admin will SSH to the Dom0 and run VNC locally in an X session, although that imposes some additional computational burdens on Dom0.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
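
A check for the Dom0-only restriction discussed in this message, as an added example that is not part of the original post: it parses `ss -ltn` output and flags listeners in the VNC port range (TCP 5900 plus the display number) that are bound to anything other than loopback. The sample output, the addresses in it and the function names are constructed for illustration.

```python
import ipaddress

VNC_PORTS = range(5900, 6000)  # VNC display N listens on TCP 5900+N

# Constructed sample of `ss -ltn` output from a hypothetical Dom0.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       1       127.0.0.1:5900      0.0.0.0:*
LISTEN  0       1       0.0.0.0:5901        0.0.0.0:*
LISTEN  0       1       [::1]:5902          [::]:*
LISTEN  0       1       [::]:5903           [::]:*
LISTEN  0       1       192.0.2.10:5904     0.0.0.0:*
LISTEN  0       1       *:5905              *:*
"""

def split_endpoint(endpoint):
    """Split 'addr:port' (IPv4, '[v6]:port' or '*:port') into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), port

def is_loopback(addr):
    """True only for loopback addresses; wildcards and unparsable input count as exposed."""
    if addr in ("*", ""):
        return False
    try:
        # Drop an interface suffix such as '%lo' before parsing.
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:
        return False

def exposed_vnc_listeners(ss_output):
    """Return (address, port) for each VNC-range listener not bound to loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or a socket that is not listening
        addr, port = split_endpoint(fields[3])
        if port.isdigit() and int(port) in VNC_PORTS and not is_loopback(addr):
            findings.append((addr, int(port)))
    return findings

if __name__ == "__main__":
    for addr, port in exposed_vnc_listeners(SAMPLE_SS_OUTPUT):
        print(f"VNC display :{port - 5900} is bound to non-loopback address {addr}:{port}")
```

A listener flagged here may still be blocked by a host firewall; the check only reports the bind address.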


 

