Hal Vaughan wrote:
On Friday 10 March 2006 09:29, nullman wrote:
2 short infos to clarify :
1. VNC over http doesn´t exist
2. Port-Numbers can be altered with any version
Solution would be : ssh on Port 443 ... with that you can trick most
proxies with the "connect" method to use any proxy-capable ssh-client
(putty for example)
-> after ssh-connection is ok .. you can do vnc-over-ssh (simple
Port-forwarding)
I couldn't get this to work in one of my situations, due to a nasty
firewall. What I have found that seems to work is using stunnel to
tunnel the VNC data through port 443 as HTTPS data, close to what is
mentioned above. I'm still working on part of the solution, since I
can't easily install stunnel on my clients Linux systems. When I'm all
done, I'll post my results, since there has been very little on this
list to directly apply to this -- at least on my case.
Here's a link to stunnel: http://www.stunnel.org
And here's a link to a tutorial about it, but it follows Windows, so
you'll have to make some allowances and when they tell you to use
ca.bat, it'll work best to download the file, extract the files that do
the work, and convert them to Linux and run just those lines. You'll
get some "directory does not exist" errors, but if you make the
directory and re-run the program line, it'll work. At one point it'll
complain about no index file, so do "echo 00 >index" and it'll fix it
-- forgot what dir that is needed in, though.
I'll have more detailed instructions later, when I've got all my stuff
behaving at 100%.
Hal
Again thanks a lot for the suggestion, I'll try this too -- but I have a
possibly stupid question. What protocol will the gateway of my corporate
WAN think it is being asked to handle in this case? I don't think it
will allow any connections going out on VNC protocol, regardless of the
port number in use. HTTP / HTTPS is fine, not a lot else is...
Am I just totally wrong on this? Or do I need to do something else to
disguise VNC packets as HTTP / HTTPS / something else a corporate
firewall can reasonably be expected to allow?
Mark
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
