VNC - No authentication

nicksberger · January 12, 2017, 6:34pm

Hi all,
have a requirement to create a retrieved property to return whether VNC is configured for ‘no authentication’, wandering if anyone has the logic/relevance they are willing to share ?
Many thanks in advance.

strawgate · January 12, 2017, 7:28pm

So with BigFix we can pull most things assuming they are written on the disk or configured somewhere.

To help you with this we’d need some context to point you in the right direction. Specifically:

Operating System
How is VNC Provided (Application, Built-in OS component)
Where is that configuration stored on the system?

Once we know these we can guide you towards building a property!

nicksberger · January 12, 2017, 9:58pm

Yes, appreciate that. My question was more about whether someone had already coded up the detection logic that they are willing to share.

strawgate · January 12, 2017, 10:05pm

So someone certainly might have but nobody has a universal analysis that covers every OS/Application/Version combination so if you want someone to come out of the weeds with an example you’re going to need to provide an example of an OS and VNC application you’re looking for an example from.

Windows? TightVNC? RealVNC? UltraVNC?
MacOS? Built-In? RealVNC? Vine?
Linux? Chicken of the VNC? RealVNC? TightVNC?
Unix? Xvnc? vncserver?

What VNC server are you using?

Bill

nicksberger · January 12, 2017, 10:17pm

If you’re offering, Windows Tight, Real, and Ultra would be a great start

I’m not sure whether this setting is controlled by ini file and/or reg key/value.

jgstew · January 12, 2017, 10:20pm

You only care about Windows?

Which VNC softwares are installed in your environment? Which one is installed the most? You should be able to determine this from software inventory analyses provided within BigFix if they are traditionally installed.

strawgate · January 12, 2017, 10:26pm

Do you have a system with one of these installed?

Can you see if there are registry keys for the application or maybe an .ini file in the program installation directory (or in C:\Programdata)?

nicksberger · January 13, 2017, 10:18am

This appears to work for the flavours of VNC I’m interested in, I’m sure you’ll (re)construct/optimize as neccesary …

if (not exists keys of keys whose (name of it as lowercase contains "vnc" as lowercase) of keys  "HKLM\Software" of (if x64 of operating system then (x64 registry;x32 registry) else registry)) then "N/A" else  if ((exists value "UseControlAuthentication" whose ("0" = it as integer as hexadecimal) of keys of keys whose (name of it as lowercase contains "vnc" as lowercase)   of keys   "HKLM\Software" of (if x64 of operating system then (x64 registry;x32 registry) else registry)) AND (exists value "UseVNCAuthentication" whose ("0" = it as integer as hexadecimal) of keys of keys whose (name of it as lowercase contains "vnc" as lowercase)   of keys   "HKLM\Software" of (if x64 of operating system then (x64 registry;x32 registry) else registry))) then "True" else "False"

jgstew · January 26, 2017, 8:33pm

what flavors of VNC did you write that against?

what flavors does it seem to work properly for?

Also, I would recommend building properties to audit the actual data available before writing something to return true/false directly.