Hello Hal: Take a look to:
http://spipe.sourceforge.net/concrete_example2.html I must admit it is not a usual solution , but it could be an option if your web server is an 1.3.X Apache one and you have control over it. What it does is to cipher with SSL all outgoing traffic at client, and to decipher it at the end web server, forwarding to the final VNC server. Also, the end Web server keeps on serving HTTP requests, so with your 443 port you can serve both VNC and HTTP at the same time. ----- Original Message ----- From: "Hal Vaughan" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, February 20, 2006 9:08 PM Subject: Re: Wrapping or Disguising VNC Data to Look Like HTTP > On Monday 20 February 2006 14:29, Phil Budne wrote: > > A firewall that allows HTTPS (HTTP over SSL) traffic has to be more > > permissive, since it can't look inside the SSL'ed data. I think I > > know some folks who managed to make use of an HTTP to HTTPS proxy for > > RFB/VNC traffic. The remote "web server" has to handle the SSL, and > > initial HTTP command. Proxies differ wildly. Your mileage may vary. > > John suggested that. I don't know C or C++, otherwise I'd write a wrapper. I > do know Java and am waiting for comments in a Java group on Usenet to see if > this is doable. If so, I'll put in the research. The HTTPS suggestion is > quite useful, but I doubt I can just use port 8080 to do it. I'm no > networking guru, but I'm sure HTTPS packets are still identifiable by > specific headers. I might be able to create them on my own, but there's > probably something in the Java API or some open source classes that'll do the > same thing. > > Some people have suggested some products that might do it, but it's funny -- > the more I work with FLOSS, the less I'm willing to pay for anything that is > not licensed under some form of open source licensing. I trust it less and > less. If RealVNC had a paid-to-license edition that could do it, I'd look at > it and, if it works, use it and gladly pay for it, but if it means buying a > non FLOSS (or FOSS if you prefer) program, I just don't feel as safe anymore. > Then I feel like the vendor has complete control over me and anything that > happens with the program. > > Hal > _______________________________________________ > VNC-List mailing list > [email protected] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
