Public bug reported:
In environment with needs of public accessible VNC ports there is no logs or
other registered events about authentication failures to analyze and/or
integrate it to automated services like fail2ban ans so on.
Thus the built-in VNC service is vulnerable to brutforce attacks and in
combination with weak built-in VNC-auth scheme can be a security vulnerability.
Adding a simple log record like "QEMU VNC Authentication failed
192.168.0.5:5902 - 123.45.67.89:7898" will permit to quickly integrate
it to fail2ban system.
** Affects: qemu
Importance: Undecided
Status: New
** Tags: feature-request
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1828207
Title:
Request to add something like "Auth failed from IP" log report for
built-in VNC server
Status in QEMU:
New
Bug description:
In environment with needs of public accessible VNC ports there is no logs or
other registered events about authentication failures to analyze and/or
integrate it to automated services like fail2ban ans so on.
Thus the built-in VNC service is vulnerable to brutforce attacks and in
combination with weak built-in VNC-auth scheme can be a security vulnerability.
Adding a simple log record like "QEMU VNC Authentication failed
192.168.0.5:5902 - 123.45.67.89:7898" will permit to quickly integrate
it to fail2ban system.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1828207/+subscriptions
