dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
share rss forum feed


stormbow
Freedom isn't FREE
Premium
join:2002-07-31
Simi Valley, CA
reply to jaynick

Re: How to secure VNC and port 5900

I am another that tunnels VNC over SSH. My SSH is configured to use a certificate, so no way to hack the password and I have fail2ban running to block IPs trying to get into my SSH. Three fails and you're blocked for an hour.



Da Geek Kid

join:2003-10-11
::1
kudos:1

1 edit

may I ask why an hour when you are not expecting password attempts with anything other than a cert, why not 600 hours.

Also, has anyone looked @ freeNX/NoMachine... Works great.



stormbow
Freedom isn't FREE
Premium
join:2002-07-31
Simi Valley, CA

said by Da Geek Kid:

may I ask why an hour when you are not expecting password attempts with anything other than a cert, why not 600 hours.

Once or twice I have had keyboard issues and have locked myself out (there is a "password" on the cert). I consider one hour enough punishment for myself. . If they continue to try to get in they get blocked all over again.