summary refs log tree commit diff stats
path: root/results/classifier/gemma3:12b/vnc/1828207
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/gemma3:12b/vnc/1828207')
-rw-r--r--results/classifier/gemma3:12b/vnc/18282077
1 files changed, 7 insertions, 0 deletions
diff --git a/results/classifier/gemma3:12b/vnc/1828207 b/results/classifier/gemma3:12b/vnc/1828207
new file mode 100644
index 00000000..131d5bdf
--- /dev/null
+++ b/results/classifier/gemma3:12b/vnc/1828207
@@ -0,0 +1,7 @@
+
+Request to add something like "Auth failed from IP" log report for built-in VNC server
+
+In environment with needs of public accessible VNC ports there is no logs or other registered events about authentication failures to analyze and/or integrate it to automated services like fail2ban ans so on.
+Thus the built-in VNC service is vulnerable to brutforce attacks and in combination with weak built-in VNC-auth scheme can be a security vulnerability.
+
+Adding a simple log record like "QEMU VNC Authentication failed 192.168.0.5:5902 - 123.45.67.89:7898" will permit to quickly integrate it to fail2ban system.
\ No newline at end of file