Holy shit, I was just sitting on my couch watching TV on my Media Center box. I keep VNC running as a service so I can connect to it from my other computer or from work. So I am watching a rerun of Everybody Loves Raymond, when I notice the MCE TV controls pop up and the mouse appears and closes media center. At that point I notice the VNC system icon tray is black and realize someone has hacked my box (which should have been evident by that point). After the “hacker” closes the media center app, s/he disconnects from VNC.
I guess it is about time I take security seriously. I have always figured I was kind of immune because I don’t run unknown executables and my firewall should block out most things. But I guess some holes are big enough to drive a truck through. I solicit input from any of my computer geek friends out there; specifically on what I need to do so I can still have remote access but not have bored script kiddies running crazy go nuts on my home computers.
For shits and grins, here is a link to VNC and SSH setup.
Tunneling your VNC through SSH is exactly what you should do. OpenSSH for Windows/PuTTY/TightVNC work well together, but if you follow the tutorial that you linked to, that should work as well. Another excellent idea just for general security is to put a router between you and the Internet (although this won’t protect you if you forward the VNC port–which you shouldn’t do anyway).
Just to add to the technical details: The VNC service was, of course, password protected. I do have a router set up and forward the VNC port to that machine. Without port forwarding, how would I get VNC to work for that one computer?
Just an idea; use non-standard ports.
5900 is very generic for VNC…use something stupid crazy like 25902 or something…and change your password, silly.
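An added configuration sketch (not from the post or any of the commenters) of the SSH-tunnel setup recommended in the replies, which also covers the question of how VNC stays reachable once its port is no longer forwarded: the router forwards only SSH, and VNC rides inside that connection. The account name `mce`, the alias `mediacenter`, the address `home.example.net`, the key path and local port 5901 are placeholders, and it assumes an OpenSSH server on the media center box and a VNC server that has a loopback-only option.

```sshconfig
# ---------------------------------------------------------------
# Router port forwarding
#   before: WAN tcp/5900 -> media center box tcp/5900   (VNC exposed)
#   after:  WAN tcp/22   -> media center box tcp/22     (SSH only)
# Remove the 5900 forward, and set the VNC server to accept
# connections from the local machine (loopback) only.
# ---------------------------------------------------------------

# ===== sshd_config on the media center box =====
# Keys only, so guessing a password gets an outsider nowhere.
PasswordAuthentication no
PubkeyAuthentication yes
# Hypothetical account name; only this user may log in.
AllowUsers mce
# Allow client-side (-L) forwards only...
AllowTcpForwarding local
# ...and only to the VNC server listening on this machine.
PermitOpen 127.0.0.1:5900
X11Forwarding no

# ===== ~/.ssh/config on the remote (work) computer =====
# "mediacenter" is a hypothetical alias; HostName is a placeholder
# for the home connection's public address.
Host mediacenter
    HostName home.example.net
    User mce
    IdentityFile ~/.ssh/id_ed25519
    # Local port 5901 (assumed free) is carried to VNC on the box.
    LocalForward 127.0.0.1:5901 127.0.0.1:5900
    # Fail instead of opening a session without the tunnel.
    ExitOnForwardFailure yes

# Connect with:  ssh -N mediacenter
# then point the VNC viewer at 127.0.0.1:5901
```

With this in place the VNC password is a second layer behind SSH key authentication rather than the only thing facing the Internet.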