Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Increased security

Any features you would like to see in UltraVNC? Propose it here
Post Reply
Tristan Young
Posts: 4
Joined: 2009-01-26 16:02

Increased security

Post by Tristan Young »

To round out UltraVNC's features, I would like to see the following:

- Anti-hammering
- temporary ban after xx attempts and ban length (minutes, hours, days, weeks, months, years)
- permanent ban after xx attempts
- blacklist editor for temporary and permanent bans
- Auto-ban based on locale (eg: Ukraine originated attempts)
- Optionally display a pop-up, and/or play a user-configurable sound (Windows sound event) when an IP address...
- is added to the ban list
- on the ban list, attempts to connect, and is blocked
- Accept/Reject connect requester: add IP address to temporary ban list, using configurable ban length

The time delay security feature is great, because miscreants only ever try two or three times before giving up (using the same originating IP address). The encryption plugin is also a great way to make things far more difficult for miscreants.
B
800
800
Posts: 2338
Joined: 2009-09-09 14:05

Re: Increased security

Post by B »

Agreed that would be valuable to have, but 99% of this issue goes away if you use an obscure high numbered listening port. Then only those who are actually targeting you (as opposed to opportunistic drive-bys) are tempted to "hammer" on the login.
Tristan Young
Posts: 4
Joined: 2009-01-26 16:02

Re: Increased security

Post by Tristan Young »

What is the highest port number that can be used?

This is one of those questions I've been meaning to research, but never really remembered to because something else more important always comes up.

I agree with you, and thought of changing the port. I'll probably do that, but it would still be nice to have a ban system in place.
B
800
800
Posts: 2338
Joined: 2009-09-09 14:05

Re: Increased security

Post by B »

As far as I know, about 65535. (The top end of possible IPv4 TCP port numbers.) But picking something more random is a lot better in the quest for obscurity.

I think your antihammering idea is best used in CONJUNCTION with high port numbers and, much more importantly, good encryption, DSMPlugins, VPN, ssh, tokens, etc.
Tristan Young
Posts: 4
Joined: 2009-01-26 16:02

Re: Increased security

Post by Tristan Young »

I merely wanted to know the range I could choose from. I'd never go for the highest number.

I like the idea of coupling both random numbers and ban list.

I guess I'm used to anti-hammering from running an FTP server, and back in my early days when I ran a BBS. I wrote anti-hammering measures because people would attempt to crash the gate, so to speak.
B
800
800
Posts: 2338
Joined: 2009-09-09 14:05

Re: Increased security

Post by B »

Sure. I agree with you; in my opinion such "throttling" should have been in place in VNC starting in its first days at AT&T / Olivetti in the UK. It's pretty rudimentary.

By the way, I wouldn't be surprised if UltraVNC DOES already have such a facility -- I've never checked or tested.
Post Reply