LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   VNC Password (https://www.linuxquestions.org/questions/linux-newbie-8/vnc-password-682925/)

ceantuco 11-12-2008 11:21 AM
VNC Password
 
Hi guys!
first let me clarify that I'm not trying to hack someone's computer or anything like that but:

I work for a company as Lan Admin, I use VNC to connect to the users' computers and resolve issues quickly, well one of the users has brought to my attention that someone is connecting to his/her PC, problem is that I'm the only one that knows the VNC password. I'm running Wireshark scanning VNC ports and waiting for that sucker to connect however I would like to see what password that person is using to connect. ( I wonder if my VNC password has been compromised)I tested and there is a string that says Authentication response from Client but I can't decode what the password is. (this was a test I did) If you guys can't help me it is fine but like I said I'm not trying to crack anything just catch whoever is doing it!
thanks for your help!

estabroo 11-12-2008 02:51 PM
why not just assume yours has been compromised and change the password? If they are gaining access then it doesn't really matter what password they are using, they either have yours or a collision of yours, though I believe vnc does just a straight des crypt with a set key so collision is unlikely. If they have access to the server other than vnc they might be able to access the vnc password file, if that's the case it doesn't matter what you change it to they'll still have access since they'll just go decrypt then new password when you change it.

ceantuco 11-12-2008 04:14 PM
the thing is that I think the person that is connecting to that system is someone who works here!!! so getting this person's IP and a proof that he/she is using my password would be really good.
what do you think?

estabroo 11-13-2008 10:19 AM
Do several captures of your connecting to the vnc server and I'll bet you'll see that the auth string it sends is the same every time. If that is the case then when that person logs in you can compare it with yours. I think its kind of a moot point though since I believe vnc servers only support one password (though they might have a different one for watchers only), so all you need to do is record the ip its coming from and you have your answer.

ceantuco 11-13-2008 10:42 AM
Thanks for your help! I will def do that! :=)


All times are GMT -5. The time now is 01:02 AM.