Repeater security concerns

Here you will find help for frequently asked questions as well as for your specific question.

Repeater security concerns

Postby Ruba » 2018-03-07 12:26

I did set up repeater (v. 1400) in mode II and Secure plugin for Server and Viewer. Both parties are behind firewall and by using ID connection works fine. With the secure plugin I believe it is not easy for someone to connect to servers. As I understand, Repeater itself can be used by anyone. I can not limit IP-s as we never know from where the client will connect to the server which can also move around the globe. So, only thing is to have a list of ID-s, but if someone will have access to Single Click solution where ID could be found or if someone will find an acceptable ID by trial, then they could use my Repeater server. This is not a desirable. Is there a reason, the ID can not include letters to be more complex? Is there any ways to have tighter security on repeater?

Another concern is that Repeater includes a built in webserver with weak username "admin" and regular authentication mechanism. Someone could get access to it by brute force attack.

If I disable access to web gui from outside network, then I can't use UVNC Console as it starts to connect to the repeater web interface and crashes.

Perhaps someone would explain the purpose of UVNC Console. So far I found that it will show in a list my vnc connection files that are inside uvnc folder and shows them green if repeater reports they are online. Is there any other functionality?

First things that came into mind about UVNC Console is that it could show us live info about servers connected to the Repeater. So if we deploy UVNC Server to multiple machines, they will connect to the repeater and they are all visible in console. We could then just set passwords for them and voila. It would be great to have option to organize the list in console. Crreate groups for different servers and so on. But all this should probably be written to feature request topic.
Ruba
 
Posts: 2
Joined: 2018-03-07 11:46

Re: Repeater security concerns

Postby Rudi De Vos » 2018-03-08 22:32

The console use the folder stucture as groups, to create a group create a subfolder.
The console use the .vnc files but also has a eas encrypted files to store the longer encrypted or user/passwd.
This is a one way encryption, you need to provide your ounlock password each time you start the console..
The console can see if servers are online local or via a repeater
You can make
Connect Viewer ID-ABCD:1234 WORKS
by allowing ABCD in the repeater options
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5789
Joined: 2004-04-23 10:21


Return to General help

Who is online

Users browsing this forum: No registered users and 12 guests