When an attacker runs a brute force attack the server will attempt to blacklist the source IP, although instead of only blacklisting the attacker, 0.0.0.0 is blacklisted instead and permanently. There is no way to authenticate even after waiting:
"Too many authentication failures"
On the original Xvnc4 the logs used to show as well:
"Connections: blacklisted: 0.0.0.0"
This issue was reported already, but so far it has never been fixed. Both Tightvnc and Xvnc have this bug.
Log in to post a comment.