VNC has long been used a means of providing remote connectivity between computer systems, but is all too often deployed in an insecure configuration.
This paper describes an auditing tool that can be used to identify the presence of insecure UltraVNC installs within a Microsoft Windows Domain environment.