vnc Á¢¼Ó½Ã "Too many security failures"

DoubleSH   
   Á¶È¸ 11094   Ãßõ 0    


centos 6.7


# rpm -qa | grep vnc
tigervnc-server-1.1.0-18.el6.x86_64


사설 IP 할당받은 서버입니다. 사내테스트서버구요

제 노트북의 wifi 를 통해서 접속합니다. 무선환경은 가끔 불안합니다.



잘 쓰다가 어느순간  "Too many security failures"  에러뜨면서 접속이 안됩니다.

임시방편으로

# vncserver -BlacklistTimeout=0 -BlacklistThreshold=10000

위와같이 구동해서 사용하지만, 이것도 어느순간 같은 에러 뿜습니다.


아 물론... 현재로선 해결책은 kill 하는 것뿐입니다.. kill 안하고 사용하고 싶은거구요


설정은 아래와 같습니다.


# cat /etc/sysconfig/vncserver 

VNCSERVERS="1:root"
VNCSERVERARGS[1]="-geometry 1680x1050 -nolisten tcp -BlacklistTimeout 0"


netstat 하면 세션 현황이 아래와 같이 나옵니다.


도저히 구글링에 한계가 있어 질문 남깁니다.


경험자분 도움 부탁드립니다.



[root@server1 ~]# netstat -anp | grep vnc
tcp        0      0 0.0.0.0:5901                0.0.0.0:*                   LISTEN      24144/Xvnc          
tcp        0      0 192.168.150.211:5901        192.168.150.56:1774         ESTABLISHED 24144/Xvnc          
unix  2      [ ACC ]     STREAM     LISTENING     165271220 24144/Xvnc          @/tmp/.X11-unix/X1
unix  2      [ ACC ]     STREAM     LISTENING     165271221 24144/Xvnc          /tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     209510227 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165834531 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165830991 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165830933 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165830875 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165830814 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165829932 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165275330 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165275179 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165275159 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165275134 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165275002 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165274665 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165274401 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165274184 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165274174 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165274159 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165274149 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165273987 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165273793 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165273667 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165273530 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165273414 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272998 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272978 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272919 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272720 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272632 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272534 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272335 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272328 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165272072 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165271813 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165271377 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165271361 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165271348 24144/Xvnc          @/tmp/.X11-unix/X1
unix  3      [ ]         STREAM     CONNECTED     165271347 24170/vncconfig    


CTI & VoIP 엔지니어입니다 :) / VoIP, SIP, IPT, IP-PBX, PTT, Asterisk, Mitel
ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
vncserverÂÊ ·Î±× ÆÄÀÏ¿¡´Â º°´Ù¸¥ ³»¿ëÀÌ ¾ø´ÂÁö¿ä?
     
DoubleSH 2017-01
¾ÆÂü, »ç¿ëÀÚ home µð·ºÅ丮¿¡ .xsession-errors  ÆÄÀÏÀÌ À־ Àá½Ã ºÃ¾ú³×¿ä



(firefox:5376): GLib-GObject-CRITICAL **: g_object_unref: assertion `G_IS_OBJECT (object)' failed
hashcompleter: cancelling request to https://safebrowsing.google.com/safebrowsing/gethash?client=navclient-auto-ffox&appver=45.5.1&pver=2.2
hashcompleter: notifying failure

** (gnome-volume-control-applet:3646): WARNING **: Connection failed, reconnecting...

** (gnome-settings-daemon:3613): WARNING **: Connection failed, reconnecting...

** (gnome-settings-daemon:3613): WARNING **: Connection failed, reconnecting...

** (gnome-settings-daemon:3613): WARNING **: Failed to connect context: ¿¬°á °ÅºÎµÊ

** (gnome-volume-control-applet:3646): WARNING **: Unable to get default sink

** (gnome-volume-control-applet:3646): WARNING **: Connection failed, reconnecting...

** (gnome-volume-control-applet:3646): WARNING **: Failed to connect context: ¿¬°á °ÅºÎµÊ
12:01:26          Warn Dissector bug, protocol VNC, in packet 3186803: More than 1000000 items in the tree -- possible infinite loop
12:01:27          Warn Dissector bug, protocol VNC, in packet 3188122: More than 1000000 items in the tree -- possible infinite loop
12:01:34          Warn Dissector bug, protocol VNC, in packet 3190738: More than 1000000 items in the tree -- possible infinite loop
14:17:10          Warn Dissector bug, protocol VNC, in packet 3584913: More than 1000000 items in the tree -- possible infinite loop
16:30:57          Warn Dissector bug, protocol VNC, in packet 4019510: More than 1000000 items in the tree -- possible infinite loop
16:30:57          Warn Dissector bug, protocol VNC, in packet 4019528: More than 1000000 items in the tree -- possible infinite loop
16:30:58          Warn Dissector bug, protocol VNC, in packet 4020065: More than 1000000 items in the tree -- possible infinite loop
16:30:58          Warn Dissector bug, protocol VNC, in packet 4020084: More than 1000000 items in the tree -- possible infinite loop
16:30:58          Warn Dissector bug, protocol VNC, in packet 4021086: More than 1000000 items in the tree -- possible infinite loop
16:30:58          Warn Dissector bug, protocol VNC, in packet 4021096: More than 1000000 items in the tree -- possible infinite loop
     
DoubleSH 2017-01
À§ÀÇ possible infinite loop Àº ´õ ¸¹½À´Ï´Ù.
          
.vncÇÏÀ§¿¡ ÀÖ´Â vnc ·Î±×µµ ÇÑ ¹ø ¿Ã·ÁºÁÁֽʽÿä.
               
DoubleSH 2017-01
¾Æ...ã¾Ò½À´Ï´Ù....À½.. ¾Æ·¡´Â Á¦ ¾ÆÀÌÇÇ Àε¥ ±²ÀåÈ÷ ¸¹³×¿ä blacklisted °¡....

Tue Jan 17 17:28:17 2017
 Connections: blacklisted: 192.168.150.22

Tue Jan 17 17:33:30 2017
 Connections: blacklisted: 192.168.150.22

Tue Jan 17 17:38:42 2017
 Connections: blacklisted: 192.168.150.22

Tue Jan 17 17:43:55 2017
 Connections: blacklisted: 192.168.150.22

Tue Jan 17 17:49:07 2017
 Connections: blacklisted: 192.168.150.22
               
DoubleSH 2017-01
5ºÐ¸¶´Ù ·Î±×°¡ ÂïÈù ÀÌÀ¯´Â
ultra vnc launcher ¿¡¼­ 5ºÐ¸¶´Ù »óÅ scan À» À§ÇØ Á¢¼Ó½Ãµµ ÇÏ°í Àֳ׿ä.

Á¤»óÀ϶§´Â ÀÌ·¸°Ô ÀÖ¾ú±º¿ä

Fri Jan 13 18:45:26 2017
 Connections: accepted: 192.168.150.22::10387

Fri Jan 13 18:45:28 2017
 SConnection: Client needs protocol version 3.8
 Connections: closed: 192.168.150.22::10387 (read: Connection reset by peer
              (104))
                    
Ŭ¶óÀ̾ðÆ® Åø¿¡ vnc server »óÅ üũÇÏ´Â °ÍÀ» disableÇÏ´Â ±â´ÉÀÌ ÀÖ´Ù¸é ±×°Í ÀÌ¿ëÇÏ½Ã¸é µÉ °Í °°°í
Ŭ¶óÀ̾ðÆ®ÂÊ¿¡ ±×·± ±â´ÉÀÌ ¾ø´Ù¸é ¼­¹öÂÊ¿¡¼­´Â blacklist¿¡ µî·ÏÇÏÁö ¾Êµµ·Ï ÇÏ´Â ¹æ¹ýÀ» ã¾Æº¸¼Å¾ß µÇ½Ç µí ÇÕ´Ï´Ù.
Xwindows¸¦ ÀüÇô »ç¿ëÇÏÁö ¾Ê¾Æ¼­ ÀÚ¼¼ÇÑ ´äº¯Àº Èûµé µí ÇÕ´Ï´Ù.
                         
DoubleSH 2017-01
°á°ú ¾Æ´Ñ °á°ú ³²±é´Ï´Ù.

'Á¤´ä'À» ãÁø ¸øÇßÁö¸¸,
ºÒ¾ÈÇÑ ¹«¼±È¯°æ°ú 5ºÐ¸¶´Ù Á¢¼ÓÇÏ´Â ºÎºÐ¿¡¼­ ±³ÁýÇÕ Æ®·¯ºíÀÌ »ý°åÀ»µí ÇÕ´Ï´Ù.

5ºÐ¸¶´Ù üũÇÏ´Â ¿É¼Ç Á¦°Å ÈÄ ¾ÆÁ÷Àº µ¿ÀϹ®Á¦ ¾ø³×¿ä :)


QnA
Á¦¸ñPage 459/5686
2015-12   1512229   ¹é¸Þ°¡
2014-05   4976127   Á¤ÀºÁØ1
2016-05   11097   ÁöÁ¸ÄÄÇ»ÅÍ
2003-02   11097   ÃÖÀº¼º
2003-01   11097   ¹Ú±Õ
2013-11   11096   ÀÌÅ¿í
2011-07   11096   Á¤ÀºÁØ1
2003-12   11096   °­¼ºÁø
2003-06   11096   ÇÑâ¼ö
2003-01   11096   ±èÇüÇÊ
2010-10   11096   ÃÖ½ÂÈñ
2002-11   11096   ¹ÚÀÌ¿õ
2010-03   11096   ¹Ì¼ö¸Ç
2003-04   11095   ¹Ú°æÈ£
2003-01   11095   ±èµ¿¹ü
2016-05   11095   ±è¼ºÁø75
2017-01   11095   DoubleSH
2013-10   11095   Ä¡ºñ¶óºÎ
2002-11   11095   °­Èñ¹Î
2002-12   11094   ±èµ¿¹ü
2013-07   11094   ÄÉÀ̽º
2009-04   11094   ÃÖ¸ð¾¾