blob: bc75e7935c55333aa086e104ce85d68476ffcd09 (
plain) (
blame)
1
2
3
4
5
6
|
Request to add something like "Auth failed from IP" log report for built-in VNC server
In environment with needs of public accessible VNC ports there is no logs or other registered events about authentication failures to analyze and/or integrate it to automated services like fail2ban ans so on.
Thus the built-in VNC service is vulnerable to brutforce attacks and in combination with weak built-in VNC-auth scheme can be a security vulnerability.
Adding a simple log record like "QEMU VNC Authentication failed 192.168.0.5:5902 - 123.45.67.89:7898" will permit to quickly integrate it to fail2ban system.
|