I was using my computer and then I noticed the vine server icon had a red 1 appearing next to it (indicating a new connections). I went to the application and it gave me an ip that started with 195 (not my ip). Does this mean I have been hacked and that someone guessed my password or could the connection show up on my computer even if it hadn’t been authenticated (that is, if they couldn’t actually see my computer screen)? I shut off the server and checked network connections, which spiked a few minutes later, but decreased substantially when I shut down the server a second time (is this normal, or does it indicate that I have been compromised)? Processor usage wasn’t abnormal, but the whole thing made me wonder if I had been compromised, if someone had been using my computer before. I am using the free version of Vine server for Snow Leopard. Sorry if I’m being paranoid but I really need to know what is going on. Thanks for your support.
Having a connection badge means that a VNC client was connected to your computer (not just scanned, actually authenticated). If it wasn’t you then it was probably someone else.
If your computer running VNC is openly accessible on the internet then we recommend picking a secure password (with numbers and letters).
Vine Server has logic to curtail brute force attacks (it will throttle connection attempts after a number of failed passwords). But that just slows it down – so you are still best to have a password that can’t be easily guessed.
Hi, thanks for responding. Are there any logs I can check to make sure that this person hadn’t connected before? Also, is there any other way to improve security in the free version short of buying a better version? Lastly, just in case this happens again, is there anything I can do to find out who this is or prevent them specifically from hacking? Thanks.
If you want a higher level of security you can set Vine Server to require an SSH connection to your machine.
If you use Vine Viewer then we can create the SSH tunnel for you automatically, but there are other free ways to accomplish the same thing, they just aren’t part of the standard RFB specification.