Re: [Leaf-user] vnc

Wed, 20 Mar 2002 21:05:51 -0800 


"Henning, Brian" <[EMAIL PROTECTED]> wrote:

My disclaimer: I have not done this but I can give you some tips.  I am
concerned about the current security of your vnc configuration.

> Hello-
> I am using LEAF with the echowall firewall package on a pentium 1.  This
> router/firewall serves my two windows machines. I set up echowall to access
> a vnc server on one of my local machines but, 


vnc is not a secure protocol.  If I am reading what you said correctly,
then you have introduced significate security concerns for your windows
PC.  Bad people will want to abuse you.  Please see
http://www.uk.research.att.com/vnc/faq.html#q52. It also talks about
some of the ports to forward.  See also
http://www.uk.research.att.com/vnc/faq.html#q53.


>I am not sure how set up the
> router/firewall to allow vnc to be accessable on multiple local machines. I
> am pretty sure I have to have separate ports for each, but I am not sure how
http://www.uk.research.att.com/vnc/faq.html#q55
http://www.uk.research.att.com/vnc/sshvnc.html


> I go about the setup. Can anyone give me a hand? Thanks!
> 

For your safety, please stop what you are doing now.  I would recommend
setting up secure shell port on port 22 and, say, port 23 of your
firewall.  You will need to locate the latest secure ssh package, there
is a bug.  Pick port 22 and portforward it to one windows PC.  Map port
22 to one of the 5900 VNC ports.  Pick port 23 and portforward it to the
other windows PC.  Likewise, map port 23 to one of the 590x VNC ports. 
Depending on your source machine, you may need to setup putty or ssh
there. Then you might do something like this ssh -L 5902:myfirewall:5901
myfirewall  Read http://www.uk.research.att.com/vnc/sshvnc.html and look
at the pictures.  Give yourself sometime to comprehend what is being
said.

I hope this gets you pointed in the right direction.  By the way did I
tell you that I was concerned about the security of your current
configuration?

Greg

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user























					Reply via email to