Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Remotely Connecting via VNC

  1. #1

    Remotely Connecting via VNC

    I'm sure you guys are familiar with the good ol' VNC server/viewer. Well, I'm trying to set it up on both my home and office computers so that I can access one from the other and vice versa. I've got both the server and the listening viewer running on both machines, but I'm not getting anywhere. I've entered the WAN IP for my office computer into my home computer and vice versa, but I keep getting "server could not be found".

    So, I'm wondering, could it be one of my security tools in the way? I have a ZA firewall on my home computer, but I configured it so that it should allow VNC through. We have a SonicWALL hardware firewall here at the office, and it's offered no complaints from my home computer trying to connect. So it doesn't look like it's a firewall issue.

    So I dunno...Am I missing something obvious? Why can't these two see each other?

  2. #2
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Unless you are using and encrypted tunnel I would close that port. VNC servers are a common scan and attack method and their default use is NOT secure. Other than that can you ping the port?

    //Edit if you can't ping the port it's not a VNC issue. Then can you ping either router?
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  3. #3
    So are you saying with VNC I'm a sitting duck with it running on that port, despite the firewall? I'm still learning about port scanning so that's good info to throw at me.

    And I can't port scan jack on my home computer, firewall has that well covered. Last time I tried to scan my home box from here Nmap failed and it knocked out the entire office's Internet (extreme idiocy moment).

  4. #4
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    The fewer ports the better, even with a firewall.....especialy if it's some rubbish like Sygate.

    * I can spell, honest..... *
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  5. #5
    Gotcha. I was afraid of that. Not Sygate, but the other alleged "rubbish" that is ZA. (You guys have me wishing I could afford a HW firewall now.)

    Ok, so VNC's out. Is there any other free & reasonable method for me to accomplish the same result though?

  6. #6
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    You can use VNC over an open ssh daemon, I have never tried because I don't use it outside the firewall. You can play with that, or RAS in via telephone.

    //Edit Tons of info, plus someone posted an article on it here before, Horse maybe? Here is just one link VNC with SSH

  7. #7
    This might help test is your VNC port is responding...

    Try telnetting from your home to your office and vice versa using:
    telnet ipaddress 5900

    You should get some characters back, I got "RFB 003.003". You can pretty much use telnet to test most ports.

    And agreeing with others, I would NOT have VNC exposed to the Internet as there are a some crackers out there AND the initial password is transmitted in plain text.

  8. #8
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    <edit:sorry i compleaty mis-read this part of your post>

    VNC is not the MOST secure remote console and you would be safer in the long run useing something else. if your using a strong password and dont plan to keep it open too long i wouldn't call you a sitting duck. older versions of vnc were open to a man in the middle type session hi-jacking but thats been fixed in later versions, the password is encrypted but like i said i wouldn't give to large of a window of opportunity. vnc is most prone to local stuff. its easy to get and decrypt the password, but i havn't heard of any remote exploits reasently but im sure it wont be too long. it never is. it would also be wise if both firewalls only allowed incoming traffic for those services from each others ip address only.

    are you sure its your fw preventing scans and not your isp dis-allowing traffic originating outside its network?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  9. #9
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    If the computer you are trying to connect to is a windows XP pro (not sure about home version) why not use the buildin RDP (Remote Desktop Protocol)? AFAIK it has better authentication and encryption as opposed to VNC. If that's not secure enough you can use SSH to tunnel RDP (just like with VNC).

    You can find out more about Remote Desktop by right clicking on My Computer and choose properties. On the tab Remote you'll find the option to enable RDP and a pointer to a help file with some basic info.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  10. #10
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Remote desktop is also Faster than VNC in my own usage experience. I use both internally. The problem with remote desktop is, it's more of a pain in the ass to lock down in active directory. VNC you just pop it on, load as a service and password protect it. VNC works cross platform and is cake to use and deploy. Remote desktop, is much faster, even with all the compression turned on in VNC. I use neither over the internet though, in my case risk is too great. I mean if the password is broken, the user has ROOT. It's not like a http or ftp server that gets hacked, you are opening the door all the way. You have a sonic wall, I think you have mentioned it in other threads, there is built in VPN into a lot of those things?
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •