Urgent !!! Is vnc viewer a peeper ?

Discussion in 'Linux Networking' started by Sally, Aug 28, 2005.

  1. Sally

    Sally Guest

    Sorry, I am a complete novice to linux : but still I would like to know : If
    the vnc viewer is installed in my computer and the host address written in
    my connections, can the host excess my computer as soon as I am on line
    (without me knowing it)?
    Thanks

    Sally
     
    Sally, Aug 28, 2005
    #1
    1. Advertisements

  2. Sally

    Julio Arruda Guest

    This is not really Linux specific, but...
    VNC Viewer and the VNC "server" are distinct programs, doesn't matter
    the platform.
    If you don't have the vnc server running, nobody can connect to you.

    By default, VNC servers will "bind" to ports 5900 and on, so, if in
    doubt, do a netstat -an |grep 590 this should give you something like :
    ....
    tcp 0 0 0.0.0.0:5901 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:5902 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:5903 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:5904 0.0.0.0:* LISTEN
    ....
    if you have, as in my example, VNC serving displays 1 to 4
    [], <O-O>
     
    Julio Arruda, Aug 28, 2005
    #2
    1. Advertisements

  3. Sally

    Bob Tennent Guest

    And, even if you do, they would need to know your password and, in
    normal use, would connect to another X server, not to whatever is being
    done in a usual desktop session.

    Bob T.
     
    Bob Tennent, Aug 28, 2005
    #3
  4. Sally

    robertharvey Guest

    Like the others said, the VNC viewer is a client that lets you look at
    other computers: but only computers deliberately set up with a server
    to let you do it. And you need a vnc-specific password too (not the
    system password, for obvious reasons)
     
    robertharvey, Aug 28, 2005
    #4
  5. Sally

    Sally Guest

    The host programmed the computer (that includes the passwords).., what does
    that imply ?

    Sally
     
    Sally, Aug 29, 2005
    #5
  6. Sally

    Sally Guest

    Thanks, Julio, for your detailed answer - you seem to know a lot about the
    subject.

    Sally
     
    Sally, Aug 29, 2005
    #6
  7. | The host programmed the computer (that includes the passwords).., what does
    | that imply ?


    What, exactly, do you mean by the word "host" in this context?


    | Sally
    | |> Sally wrote:
    |>> Sorry, I am a complete novice to linux : but still I would like to know :
    |>> If
    |>> the vnc viewer is installed in my computer and the host address written
    |>> in
    |>> my connections, can the host excess my computer as soon as I am on line
    |>> (without me knowing it)?
    |>
    |> Like the others said, the VNC viewer is a client that lets you look at
    |> other computers: but only computers deliberately set up with a server
    |> to let you do it. And you need a vnc-specific password too (not the
    |> system password, for obvious reasons)
     
    Paul Colquhoun, Aug 29, 2005
    #7
  8. Sally

    Sally Guest

    As I said, I am no 'Wizard of OS' at all.. I call 'it/them' the host,
    because the domain address in the connections is called the 'host'. I got
    this computer from somebody else, programmed, set up and password protected
    by somebody else (I got my password as well and usually can't access the
    administrator 'section'). Now I found their domain address in the network
    connections and the vnc viewer installed and I am wondering, if they can
    access my computer any time they please..

    Sally
     
    Sally, Aug 29, 2005
    #8
  9. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
     
    Raymond Pasco, Aug 29, 2005
    #9
  10. Sally

    Sally Guest

    Thanks Ray and please forgive the impertinence, but can they or can't they
    (you said "probably") and if they can, with what/how and why not with vnc
    viewer/server combo?

    Sally

    PS. I didn't understand the "also aaargh top posting bit:/" ?????????????

     
    Sally, Aug 29, 2005
    #10
  11. Sally

    Sally Guest

    Thanks, Julio, for your detailed answer - you seem to know a lot about the
    subject. And please read this, because I cannot do/understand, what you've
    described :

    As I said, I am no 'Wizard of OS' at all.. I call 'it/them' the host,
    because the domain address in the connections is called the 'host'. I got
    this computer from somebody else, programmed, set up and password protected
    by somebody else (I got my password as well and usually can't access the
    administrator 'section'). Now I found their domain address in the network
    connections and the vnc viewer installed and I am wondering, if they can
    access my computer any time they please..

    Thanks again
    Sally

     
    Sally, Aug 29, 2005
    #11
  12. Sally

    Sally Guest

    Thanks Bob, please read this :

    As I said, I am no 'Wizard of OS' at all.. I call 'it/them' the host,
    because the domain address in the connections is called the 'host'. I got
    this computer from somebody else, programmed, set up and password protected
    by somebody else (I got my password as well and usually can't access the
    administrator 'section'). Now I found their domain address in the network
    connections and the vnc viewer installed and I am wondering, if they can
    access my computer any time they please..

    What do you think?

    Sally
     
    Sally, Aug 29, 2005
    #12
  13. Sally

    Sally Guest

    What would you say to this :

    As I said, I am no 'Wizard of OS' at all.. I call 'it/them' the host,
    because the domain address in the connections is called the 'host'. I got
    this computer from somebody else, programmed, set up and password protected
    by somebody else (I got my password as well and usually can't access the
    administrator 'section'). Now I found their domain address in the network
    connections and the vnc viewer installed and I am wondering, if they can
    access my computer any time they please..

    Sally
     
    Sally, Aug 29, 2005
    #13
  14. This is in contrast to VNC in Windows, which attaches to the current
    desktop session, and therefore can be used to snoop, provided the snooper
    knows the password.
     
    John Thompson, Aug 29, 2005
    #14
  15. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    If they have root access, they can use "ssh" to log in remotely to your
    system. With root access, they can do anything, however it would be
    pretty hard to spy on your desktop. All they'd get was a command line. I
    say 'probably' because there is a small chance you don't have sshd running.

    Also, top posting is the practice of posting above the quoted message.
    Some people are really annoyed by it. I'm only a very tiny bit annoyed. :)
    - --
    Ray (Our name is Legion, for we are many.)
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFDEnuRKwExTSbpHqgRAiNvAJ9wdc/3DMhGaFW+b1013I0if8qESACdGJmO
    yVmLbOsBCsJP1WV3bjbdpm8=
    =ZV1T
    -----END PGP SIGNATURE-----
     
    Raymond Pasco, Aug 29, 2005
    #15
  16. Sally

    Sally Guest

    Thank you, John, please read the following does that change the situation?

    As I said, I am no 'Wizard of OS' at all.. I call 'it/them' the host,
    because the domain address in the connections is called the 'host'. I got
    this computer from somebody else, programmed, set up and password protected
    by somebody else (I got my password as well and usually can't access the
    administrator 'section'). Now I found their domain address in the network
    connections and the vnc viewer installed and I am wondering, if they can
    access my computer any time they please..

    Sally
     
    Sally, Aug 29, 2005
    #16
  17. Sally

    Sally Guest

    Ray, can they get access to passwords (bank etc.) confidential info etc. I
    submit through the Internet (or any other I save on my computer)? And then:
    Couldn't they translate a command line?

    Thanks for the "top-notch-fill-in" on the 'tiny' bit annoying top posting
    practice..

    Sally
     
    Sally, Aug 29, 2005
    #17
  18. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    Sally, unless this information is encrypted (like your system password
    is) then a user with root access can read it. The person with root
    access is usually the owner of the physical machine. Also if this
    person's skilled with Linux, then they know how to use a shell.

    - --
    Ray (Our name is Legion, for we are many.)
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFDEoNEKwExTSbpHqgRAvNzAJ0Y88X8vSZnR3vsuPCws5umjY9YmACfb7tA
    Cf5NTklfB3VUobahQ2VpCf4=
    =JaYb
    -----END PGP SIGNATURE-----
     
    Raymond Pasco, Aug 29, 2005
    #18
  19. Sally

    Sally Guest

    Hi, Ray, thanks for your time,

    the "owner" gives the computers, he programs with linux (clearing OSs from
    old computers and putting Linux on as I understand it), away for free. (He
    is definitly 'skilled') He lives in another suburb. He told me, that he can
    decipher my user password and change it. The user passord I only see in
    dots, when I put it in. So what's the situation with any other password..?
    Please explain, what he's actually able to do from his computer in regards
    to mine without offcourse being physically here.

    What does 'the know how to use a shell(?)' mean?

    Sally
     
    Sally, Aug 29, 2005
    #19
  20. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    Well, root can use the passwd command to change passwords, without
    entering an "old password". A shell is the program that processes the
    commands entered at the command line. If you're computer's on the
    Internet (which I assume it is) it can be remotely logged into as any
    user, including root, using ssh.

    Basically, root is a user with special powers. Root can access/edit any
    given file on the machine, no matter what its permissions are. This is
    why you log in as a user other than root, to avoid damaging the system.
    However, some administrative actions require root access.
    - --
    Ray (Our name is Legion, for we are many.)
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFDEpqOKwExTSbpHqgRAhiWAKCH9OOtGLgpV3SBz+w62/VFAD/8EQCcDW+x
    YP+VvvFcuFS8BRf0DsL9r5A=
    =z1bN
    -----END PGP SIGNATURE-----
     
    Raymond Pasco, Aug 29, 2005
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.