[vox-tech] vnc highjacked?

Hai Yi yihai2004 at gmail.com
Sun Mar 28 20:12:58 PDT 2010


I followed this link to start x11vnc when the server is powered:
http://ubuntuforums.org/showthread.php?t=488207

In light of the present hacking episode, i decided to disable this
feature: i removed /etc/xinetd.d/x11vnc totally, and commented out
this line in /etc/gdm/Init/Default (this is different from that
mentioned on the link, which is /etc/X11/gdm/Init/Default):

/usr/bin/x11vnc -rfbauth /etc/x11vnc.pass -o /tmp/x11vnc.log -forever
-bg -rfbport 5900

However, when I restart the server, I can still use vncviewer to
connect to the vnc server, why is that? Is it possible that the hacker
installed a phantom daemon to start a vnc server without being
detected? it sounds like a scary version...




On Sun, Mar 28, 2010 at 2:28 AM, Rick Moen <rick at linuxmafia.com> wrote:
> Quoting Till Stegers (stegers at cs.ucdavis.edu):
>
>> I think it's not cross-platform, though -- both client and server need
>> X11, I think.
>
> Might help:
> "X Servers for Win32" on http://linuxmafia.com/kb/Legacy_Microsoft
> _______________________________________________
> vox-tech mailing list
> vox-tech at lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>


More information about the vox-tech mailing list