Hi Ajit ,
For Solaris add -pr to your Xvnc string.
Cheers
Richard.
-----Original Message-----
From: Ajit Alok [mailto:[EMAIL PROTECTED]]
Sent: 19 May 2001 01:02
To: [EMAIL PROTECTED]
Subject: problem in starting vncserver on sol26
Hi All
Previously it was working fine. I was able to restart the server. Now I rebooted the
machine.
I am trying to start the server again . It throw error in goes in loop.
Fatal server error:
Failed to establish all listening sockets
_XSERVTransSocketCreateListener: failed to bind listener
_XSERVTransSocketUNIXCreateListener: ...SocketCreateListener() failed
_XSERVTransMakeAllCOTSServerListeners: failed to create listener for local
I am running following command to start the vnc server.
Xvnc :1 -geometry 1024x768 -depth 16 -once -query farworld -httpd /local/vnc/classes
-httpport 5801 -dontdisconnect -fp tcp/farworld:7100 -auth /home/corp/aalok/Xauthority
-rfbauth /home/corp/aalok/.vnc/passwd
$0
Above are the two lines in script file.
Second problem is , when ever you tries to connect to vncserver from a remote client ,
every times it creates a new process on server machine and doesn't terminate it after
done.
Any pointer to above problem is well appreciated.
Thanks
Ajit
vnc-list-digest wrote:
> vnc-list-digest Friday, May 18 2001 Volume 01 : Number 1136
>
> ............................
> VNC-LIST-DIGEST is a daily collection of the messages sent to the
> VNC mailing list. For more information about VNC see the home page
> http://www.uk.research.att.com/vnc .
>
> In this issue:
>
> re: nmap to port 6001 kills vnc session...
> re: nmap to port 6001 kills vnc session...
> Obtaining IP address over internet
> RE: Obtaining IP address over internet
> RE: Obtaining IP address over internet
> RE: Obtaining IP address over internet
> Argh! HowTo inetd ... script
> asciicircum sent twice
> AW: Obtaining IP address over internet
> Re: Obtaining IP address over internet
> Re: remotely installing VNC
> RE: vnc without screen update
> Re: Obtaining IP address over internet
> Re: remotely installing VNC
> VNC vs Tridia
> omnithread_rt.dll
> RE: HELP me please, vnc on windows nt but the users always close the vnc
>client
> Vnc server on Unix
> Re: vnc without screen update
> Re: VNC vs Tridia
> re: nmap to port 6001 kills vnc session...
> Connecting to my (small) office network (ADSL problem?)
> Re: VNC vs Tridia
> re: nmap to port 6001 kills vnc session...
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: nmap to port 6001 kills vnc session...
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: Connecting to my (small) office network (ADSL problem?)
> Re: nmap to port 6001 kills vnc session...
> Re: Connecting to my (small) office network (ADSL problem?)
> RE: HELP me please, vnc on windows nt but the users always close the vnc
>client
> Re: nmap to port 6001 kills vnc session...
> How to install VNC on remote machine
> RedHat 7.0 and VNC
> Re: Obtaining IP address over internet
> Re: How to install VNC on remote machine
> Re: Obtaining IP address over internet
> ............................
>
> ----------------------------------------------------------------------
>
> Date: Wed, 16 May 2001 23:36:49 -0700 (PDT)
> From: "Scott C. Best" <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> Mike:
> Hello! Some thoughts on what you're seeing:
>
> > If I run nmap on another machine as follows:
> >
> > nmap -p 6001 host.machine
>
> Instead of running nmap on all those ports (the
> - -p <number>, without the number, scans all the low numbered
> ports <1024, plus any that come with the nmap config files)
> have you tried just running it against the 5801/5901 ports?
> That'd be interesting to see if it crashed your Xvnc again.
>
> > This is a very serious problem because it means that a port scan will
> > kill my VNC session. This has happened to me more than once, but I
> > didn't realize it until I scanned myself. It means that anyone in the
> > world can block my use of VNC.
> >
> > If there is some way I can protect myself, please let me know.
>
> Actually, in my experience, an nmap scan like this is
> rather unlikely in the "real world". A scan like this, against
> all 1024 low numbered ports, is about as subtle as a brick, and
> stands out like a bonfire in the firewall logs. In fact, using
> nmap (or Nessus) is a good way to DoS attack a firewall, as it
> creates thousands of log entries very quickly that could fill
> the system disk on some thin-server systems.
> Which of course gets to my final point: you can protect
> yourself against port scans by putting a firewall in between your
> Internet connection and your VNC Solaris machines. Then the
> firewall would take the heat from nmap, and not your VNC servers.
>
> cheers,
> Scott
>
> ------------------------------
>
> Date: Thu, 17 May 2001 01:48:11 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> On Wed, 16 May 2001, Scott C. Best wrote:
>
> > > If I run nmap on another machine as follows:
> > >
> > > nmap -p 6001 host.machine
> >
> > Instead of running nmap on all those ports (the -p <number>,
> > without the number, scans all the low numbered ports <1024, plus any
> > that come with the nmap config files) have you tried just running it
> > against the 5801/5901 ports? That'd be interesting to see if it
> > crashed your Xvnc again.
>
> I haven't tried it, but I don't like to crash it. Maybe someone else can
> try it.
>
> > > This is a very serious problem because it means that a port scan will
> > > kill my VNC session. This has happened to me more than once, but I
> > > didn't realize it until I scanned myself. It means that anyone in the
> > > world can block my use of VNC.
> > >
> > > If there is some way I can protect myself, please let me know.
> >
> > Actually, in my experience, an nmap scan like this is rather
> > unlikely in the "real world".
>
> Like you, I'm in the "real world." It happens sometimes. If by
> 'unlikely' you mean that it doesn't happen often, I agree. If you mean
> "unlikely to happen ever," then I disagree. Lately I've been getting
> scans like this from China. As you suggested, they are not subtle. I
> monitor several machines, so almost nothing seems subtle to me. The fact
> that their activities are obvious doesn't seem to worry most of these
> attackers.
>
> Yes, I could put up a firewall.
>
> This brings me to my original question: Is port 60xx DoS attack a known
> VNC problem?
>
> (I'm not criticizing VNC.)
>
> Mike
>
> ------------------------------
>
> Date: Thu, 17 May 2001 08:44:00 +0100
> From: "Steve Godfrey" <[EMAIL PROTECTED]>
> Subject: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:01:23 -0000
> From: "Howlett, Simon (NESL-IT)" <[EMAIL PROTECTED]>
> Subject: RE: Obtaining IP address over internet
>
> Isn't that illegal ?
>
> Simon Howlett
> NT Server Team
>
> -----Original Message-----
> From: Steve Godfrey [mailto:[EMAIL PROTECTED]]
> Sent: 17 May 2001 07:44
> To: [EMAIL PROTECTED]
> Subject: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
>
>********************************************************************************************
> E mail Disclaimer
>
> You agree that you have read and understood this disclaimer and you agree to be
>bound by its terms.
>
> The information contained in this e-mail and any files transmitted with
> it (if any) are confidential and intended for the addressee only. If you have
> received this e-mail in error please notify the originator or telephone
> 0191 210 2060 or e-mail [EMAIL PROTECTED]
>
> This e-mail and any attachments have been scanned for certain
> viruses prior to sending but neither Northern Electric plc nor any of the companies
>in the Northern Electric group of companies from whom this e-mail originates shall be
>liable for any losses as a result of any viruses being passed on.
>
> No warranty of any kind is given in respect of any information contained in this
>e-mail and you should be aware that that it might be incomplete, out of date or
>incorrect. It is therefore essential that you verify all such information with us
>before placing any reliance upon it.
>
> Northern Electric plc
> Carliol House
> Market Street
> Newcastle-upon-Tyne
> NE1 6NE
> Registered in England and Wales: Number 2366942
>
>
>********************************************************************************************
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:16:10 +0100
> From: "Steve Godfrey" <[EMAIL PROTECTED]>
> Subject: RE: Obtaining IP address over internet
>
> My typo or obtaining an IP address?!? I hoped no-one would notice that one
> :-(
>
> >>> [EMAIL PROTECTED] 05/17/01 10:01am >>>
> Isn't that illegal ?
>
> Simon Howlett
> NT Server Team
>
> -----Original Message-----
> From: Steve Godfrey [mailto:[EMAIL PROTECTED]]
> Sent: 17 May 2001 07:44
> To: [EMAIL PROTECTED]
> Subject: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
> *****************************************************************************
> ***************
> E mail Disclaimer
>
> You agree that you have read and understood this disclaimer and you agree to
> be bound by its terms.
>
> The information contained in this e-mail and any files transmitted with
> it (if any) are confidential and intended for the addressee only. If you
> have
> received this e-mail in error please notify the originator or telephone
> 0191 210 2060 or e-mail [EMAIL PROTECTED]
>
> This e-mail and any attachments have been scanned for certain
> viruses prior to sending but neither Northern Electric plc nor any of the
> companies in the Northern Electric group of companies from whom this e-mail
> originates shall be liable for any losses as a result of any viruses being
> passed on.
>
> No warranty of any kind is given in respect of any information contained in
> this e-mail and you should be aware that that it might be incomplete, out of
> date or incorrect. It is therefore essential that you verify all such
> information with us before placing any reliance upon it.
>
> Northern Electric plc
> Carliol House
> Market Street
> Newcastle-upon-Tyne
> NE1 6NE
> Registered in England and Wales: Number 2366942
>
> *****************************************************************************
> ***************
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 10:18:59 +0200
> From: "Gustafsson, Bjorn" <[EMAIL PROTECTED]>
> Subject: RE: Obtaining IP address over internet
>
> Huh?
> How on earth could that be illegal?
>
> Okay, the quick solution:
> Obtain one of those free subdomains (like cjb.net and the likes of it). You
> could then VNC to that address and wouldn't have to worry about the ip. Of
> course you would need a client that refreshes the domain IP every now and
> then.
>
> Can't say if it works though, never attemped the likes of it (no free local
> calls in sweden), but there shouldn't be any problems with it. I however
> doubt that your system/network adminstrator would like you VNCing from work
> to your home machine :)
>
> /Bjorn, who will attempt the same thing once he can get his hands on a
> broadband/DSL connection :)
>
> > -----Original Message-----
> > From: Howlett, Simon (NESL-IT)
> > [mailto:[EMAIL PROTECTED]]
> > Sent: den 17 maj 2001 11:01
> > To: [EMAIL PROTECTED]
> > Subject: RE: Obtaining IP address over internet
> >
> >
> > Isn't that illegal ?
> >
> > Simon Howlett
> > NT Server Team
> >
> >
> > -----Original Message-----
> > From: Steve Godfrey [mailto:[EMAIL PROTECTED]]
> > Sent: 17 May 2001 07:44
> > To: [EMAIL PROTECTED]
> > Subject: Obtaining IP address over internet
> >
> > I wank to VNC to my home PC from work over the internet, My
> > dial-up modem
> > connection is occasionally dropped and the IP address will
> > change every time
> > the PC reconnects. Any suggestion for obtaining my IP
> > address remotely?
> >
> > Thanks
> >
> >
> > Steve Godfrey
> > WAN Team
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
> > **************************************************************
> > ******************************
> > E mail Disclaimer
> >
> > You agree that you have read and understood this disclaimer
> > and you agree to be bound by its terms.
> >
> > The information contained in this e-mail and any files
> > transmitted with
> > it (if any) are confidential and intended for the addressee
> > only. If you have
> > received this e-mail in error please notify the originator or
> > telephone
> > 0191 210 2060 or e-mail [EMAIL PROTECTED]
> >
> > This e-mail and any attachments have been scanned for certain
> > viruses prior to sending but neither Northern Electric plc
> > nor any of the companies in the Northern Electric group of
> > companies from whom this e-mail originates shall be liable
> > for any losses as a result of any viruses being passed on.
> >
> > No warranty of any kind is given in respect of any
> > information contained in this e-mail and you should be aware
> > that that it might be incomplete, out of date or incorrect.
> > It is therefore essential that you verify all such
> > information with us before placing any reliance upon it.
> >
> > Northern Electric plc
> > Carliol House
> > Market Street
> > Newcastle-upon-Tyne
> > NE1 6NE
> > Registered in England and Wales: Number 2366942
> >
> >
> > **************************************************************
> > ******************************
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Wed, 16 May 2001 22:24:43 -0700
> From: Alex Perry <[EMAIL PROTECTED]>
> Subject: Argh! HowTo inetd ... script
>
> From: Alex
> > [demime 0.97b removed an attachment of type application/octet-stream
> > which had a name of DOVNC]
> From: "Seth Kneller" <[EMAIL PROTECTED]>
> Subject: RE: Argh! HowTo inetd ...
> > Nice Instructions, however, you should have pasted the script into the
> > body of the message.
> Sigh ... here it is.
>
> #! /bin/bash
> #
> # VNC spawning script
> # ===================
> # (c) Quantum Magnetics 2001, GPL
> #
> ##########################################################################
> #
> # Find out which session
>
> session=${1:-0}
>
> if test $session -lt 0
> then exit 1
> fi
>
> if test $session -gt 0
> then java="-httpd /usr/share/vncserver -httpport 580$session :$session"
> logfile=/var/log/vnc-$session.log
> else java="-inetd"
> logfile=/dev/null
> fi
>
> ##########################################################################
> #
> # Do something sensible with log files
>
> if test -f $logfile
> then if test -f $logfile.gz
> then rm -f $logfile.gz
> fi
> gzip $logfile
> fi
>
> ##########################################################################
> #
> # Find out which XDM to contact
>
> case "$session" in
> 2)
> target="-indirect xdmserver"
> ;;
> 1)
> target="-query appserver"
> ;;
> *)
> target="-query ${2:-localhost}"
> ;;
> esac
>
> ##########################################################################
> #
> # Actually start the server
>
> exec /usr/bin/X11/Xvnc $target $java \
> -geometry 800x600 -depth 16 -deferglyphs 16 -dpi 100 \
> -dontdisconnect -nevershared -once -terminate \
> 2> $logfile
>
> ------------------------------
>
> Date: Thu, 17 May 2001 11:56:21 +0200
> From: Clemens Resanka <[EMAIL PROTECTED]>
> Subject: asciicircum sent twice
>
> Hi all,
>
> I'm using the latest windows vncviewer to view a linux desktop (Xvnc)
> Everything works fine, except the asciicirum (^) key. When I press the
> ^ key it shows up twice (^^).
>
> Now the strange part:
> For testing I remap the keycode to x:
> xmodmap -e "keycode 23 = x"
>
> >From then on I get two capital Xs (XX), when I press the ^ key.
> Can anyone explain this?
>
> Since showkeys does not show anything with the -s flag, I conclude,
> that I do not get scancodes. So I guess the windows-client remaps the
> scancode to a keycode??
>
> I'm using a german keymap. vncclient says it's keyboard 00000407
> Can this problem be solved with the -keyboard option?
>
> So far..
>
> - Clemens -
>
> ------------------------------
>
> Date: Thu, 17 May 2001 13:11:38 +0200
> From: "oan" <[EMAIL PROTECTED]>
> Subject: AW: Obtaining IP address over internet
>
> Go to http://www.no-ip.com there you can register and they are exactly your
> solution (dynamic ip address). You can then download their client and he'll
> update you're ip automatically.
>
> oan
>
> - -----Ursprungliche Nachricht-----
> Von: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]Im Auftrag von Steve Godfrey
> Gesendet: Donnerstag, 17. Mai 2001 09:44
> An: [EMAIL PROTECTED]
> Betreff: Obtaining IP address over internet
>
> I wank to VNC to my home PC from work over the internet, My dial-up modem
> connection is occasionally dropped and the IP address will change every time
> the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Thanks
>
> Steve Godfrey
> WAN Team
>
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 07:33:07 -0400
> From: "Jonathan D. Proulx" <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> On Thu, May 17, 2001 at 01:11:38PM +0200, oan wrote:
> :Go to http://www.no-ip.com there you can register and they are exactly your
> :solution (dynamic ip address). You can then download their client and he'll
> :update you're ip automatically.
>
> On a similar note, I use http://www.dhs.org for my home machine.
> Theye don't have theirown client, but there's several that user's have
> contributed.
>
> - -Jon
>
> ------------------------------
>
> Date: Thu, 17 May 2001 16:12:45 +0200
> From: "Ran Sasson" <[EMAIL PROTECTED]>
> Subject: Re: remotely installing VNC
>
> > For scripting it, I borrowed the password-encryption of the server code
> and
> > wrote a small command-line registry-setting program that will set a
> > password in the registry (regedit can't do the correct data types for a
> > .REG import), which is really handy.
>
> where can it be found ?
>
> ------------------------------
>
> Date: Thu, 17 May 2001 08:23:17 -0600
> From: "Roger Campbell" <[EMAIL PROTECTED]>
> Subject: RE: vnc without screen update
>
> We are building something similar for a training application. The clients
> (there will be many) are viewing the single server. So, we are changing the
> server to update without the client update request message.
>
> Normally, the client runs a continuous loop that requests update, processes
> update, then repeats. So, there are both client and server changes to your
> request. The server needs to "push" updates without being requested and the
> client needs to receive and process them without sending a request. Our
> solution involves making the server update by assuming a full update was
> requested and then just having clients process the update as they receive
> them.
>
> Roger Campbell
>
> - -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of minou@ife
> Sent: Wednesday, May 16, 2001 10:08 AM
> To: [EMAIL PROTECTED]
> Subject: vnc without screen update
>
> Hello
>
> At our institute we are interested in a version of vnc which does NOT update
> the screen on the client side.
> This because we have different machines sharing the same screen. As there
> are no switchboxes for unix
> and window keyboards we use VNC to share mouse and keyboard.
>
> Hence we looked in the source files of WinServer and Unix/Linux-Clients.
> Here we need some help.
> Who can advice us, which part to change to disable the screen update. Where
> would be the right
> address to get some assistance?
>
> Actually we are trying to figure out if we better change the WinServer of
> the UnixClient. Is it right, that
> the client triggers the screen update, so we could stop the triggering, or
> does the server automatically
> send screen update upon reception of keystrokes and mouse movements?
>
> (of course we disabled all polling and use 8bit colors only)
>
> Help would be very appreciated!
>
> thank you
>
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:18:33 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> Steve,
>
> >I wank to VNC to my home PC from work over the internet, My dial-up modem
> >connection is occasionally dropped and the IP address will change every time
> >the PC reconnects. Any suggestion for obtaining my IP address remotely?
>
> Personally, I use the Tzolkin "dynamic DNS" service (http://www.tzo.com).
> The client came free with my Ugate-3000 broadband gateway, and the service
> is free for 1 year.
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:27:46 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: remotely installing VNC
>
> > > For scripting it, I borrowed the password-encryption of the server code and
> > > wrote a small command-line registry-setting program that will set a
> > > password in the registry (regedit can't do the correct data types for a
> > > .REG import), which is really handy.
> >
> >where can it be found ?
>
> Having written it for personal consumption (I didn't even know this list
> existed at the time, or I'd have asked if anyone already had something that
> did the same thing!), I haven't made it publicly available.
>
> I'll email it to you directly, under separate cover.
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 10:22:55 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: VNC vs Tridia
>
> Okay, I've seen many references to the two suites, but I'm looking for
> something more conclusive.
>
> I see that Tridia has more encoding options (adding compression), but AT&T
> VNC is ported to more platforms. Fine. But as my primary use is 100%
> "wintel" << yeah, yeah, *nix is much better, but I'm a corporate IT guy
> that has to support an infrastructure of wintel boxes---cut me some slack,
> OK ;-) >> and both suites exist for that platform, I'd *really* like to
> know why some of you have mixed installations. Basically, if you're using
> Tridia to get better WAN/dialup inet performance, why keep AT&T VNC around
> for the LAN side? What's to be gained by a mixed VNC infrastructure?
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 10:26:17 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: omnithread_rt.dll
>
> I've been successful running WinVNC and omnithread_rt.dll in the same
> directory, rather than copying the DLL to %winroot%\system or
> %winroot%\system32.
>
> Is there a good reason why the installer still insists on putting the DLL
> in the system directory?
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 11:19:16 -0400
> From: Joe Campbell <[EMAIL PROTECTED]>
> Subject: RE: HELP me please, vnc on windows nt but the users always close the vnc
>client
>
> Dan,
>
> I'm looking for a way to run VNC in stealth mode so it doesn't appear on the
> SysTray.
> I'd rather not turn off the entire system tray. Is that possible?
> We are in an all Windows environment (win 95 clients and Win NT servers)
>
> Joe Campbell
> Express-1, Inc.
> Buchanan, Michigan 49107
> [EMAIL PROTECTED]
>
> - -----Original Message-----
> From: Dan Frantz [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, May 16, 2001 3:06 PM
> To: [EMAIL PROTECTED]
> Subject: RE: HELP me please, vnc on windows nt but the users always
> close the vnc client
>
> Hey, what I did was a little in depth, but then again, I kind of taylor-fit
> VNC to my needs. I work for a call center, and the supervisors wanted visual
> monitoring capabilities. I proposed VNC, and they loved it. It had 3
> problems though:
> 1) no simple way to disable password checking (without a dialog box warning
> msg)
> 2) Users could exit VNC and/or kill all connected clients, mess
> w/properties, etc
> 3) tray icon changed colours when people connected.
>
> It was a bit tricky, but I got all three "problems" fixed.
>
> 1) Set "AuthRequired" to 0 so no password was necessary
>
> 2) A little more difficult, but I had first set it so no one could change
> properties, then I made some registry changes using "AllowProperties" and
> "AllowShutdown". Then I wised up, and discovered I can set it for certain
> users to have access to shutting down and changing properties by specifying
> them in the [HKEY_LOCAL_MACHINE\SOFTWARE\ORL\WinVNC3\<username>] key. (I set
> the whole IT dept up to be able to shutdown/change properties)
>
> 3) a bit more involved, but while editing the source so the silly "warning,
> password blank, blah blah blah" warning dialog box didn't pop-up (it's
> nested in an "if,then,else" statement...just remove the "else" part and it
> compiles fine)I also changed the tray icon to be white at all times
> (replaced the black/green icon with a copy of the normal icon)
>
> Yeah, a bit more difficult and drawn out then what Jason Powell suggested,
> but I wanted to keep the tray icon so I could quickly see who had VNC and
> who did not :) If you want a copy of the regkeys I used, email me back
>
> __________________________________
> Dan Frantz, CNA
>
> - ---------------------------------------------------------------------
> To unsubscribe, send a message with the line: unsubscribe vnc-list
> to [EMAIL PROTECTED]
> See also: http://www.uk.research.att.com/vnc/intouch.html
> - ---------------------------------------------------------------------
>
> ------------------------------
>
> Date: Thu, 17 May 2001 17:38:36 +0200
> From: "Nicolas Sciboz" <[EMAIL PROTECTED]>
> Subject: Vnc server on Unix
>
> Hi !
> Sorry for my english, i' m swiss-french !
> I' ve a question, i start vncserver .... ok !
> i start vncviewer for windows, and i see only the terminal and not my
> x-windows ?
>
> Have you a idea for me ?
>
> Thanks, Nicolas Sciboz
>
> ------------------------------
>
> Date: Thu, 17 May 2001 11:14:38 -0400
> From: Grant McDorman <[EMAIL PROTECTED]>
> Subject: Re: vnc without screen update
>
> Look for x2vnc. It's fairly old, but it works fine. I am using it right now
> to use the same (Unix) keyboard for a Solaris system and a Windows NT system
> sitting on my desktop.
>
> According to minou@ife:
> > Hello
> >
> > At our institute we are interested in a version of vnc which does NOT
> update
> > the screen on the client side.
> > This because we have different machines sharing the same screen. As there
> > are no switchboxes for unix
> > and window keyboards we use VNC to share mouse and keyboard.
> >
> > Hence we looked in the source files of WinServer and Unix/Linux-Clients.
> > Here we need some help.
> > Who can advice us, which part to change to disable the screen update. Where
> > would be the right
> > address to get some assistance?
> >
> > Actually we are trying to figure out if we better change the WinServer of
> > the UnixClient. Is it right, that
> > the client triggers the screen update, so we could stop the triggering, or
> > does the server automatically
> > send screen update upon reception of keystrokes and mouse movements?
> >
> > (of course we disabled all polling and use 8bit colors only)
> >
> >
> > Help would be very appreciated!
> >
> >
> > thank you
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
>
> - --
>
> Grant McDorman <[EMAIL PROTECTED]>, Sr. Software Design Consultant
> Cedara Software Corp. <URL:http://www.cedara.com>
> (formerly I.S.G. Technologies Inc.)
> Mississauga, Ontario, Canada
>
> [demime 0.97b removed an attachment of type application/pgp-signature]
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:38:58 -0700
> From: "Michael F. March" <[EMAIL PROTECTED]>
> Subject: Re: VNC vs Tridia
>
> I use them both and since they interoperate very well, it does
> not seem to be a pain to have them both around.
>
> On my Windows box, for instance, both versions of the client
> share most of the same config and register settings so I can
> pop back and forth between both versions with little hassle.
>
> > Okay, I've seen many references to the two suites, but I'm looking for
> > something more conclusive.
> >
> > I see that Tridia has more encoding options (adding compression), but AT&T
> > VNC is ported to more platforms. Fine. But as my primary use is 100%
> > "wintel" << yeah, yeah, *nix is much better, but I'm a corporate IT guy
> > that has to support an infrastructure of wintel boxes---cut me some slack,
> > OK ;-) >> and both suites exist for that platform, I'd *really* like to
> > know why some of you have mixed installations. Basically, if you're using
> > Tridia to get better WAN/dialup inet performance, why keep AT&T VNC around
> > for the LAN side? What's to be gained by a mixed VNC infrastructure?
>
> ------------------------------
>
> Date: Thu, 17 May 2001 09:49:48 -0700 (PDT)
> From: "Scott C. Best" <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> Mike:
> Hello! I'm sorry that my suggestions don't sound
> appealing to you. It sounds like you found a potential
> weakness in a VNC system, but are dis-inclined to gather
> more data about the particulars. My experience with open
> source projects over the years is that the person who calls
> in the fire is often expected to help aim the hose. :)
> Regarding those real-world nmap scans, and those
> port-53 DNS scans (the Lion worm, was it?) that securityfocus.com
> reported as originating in China somewhere...there is, from
> my POV, a big difference. Certainly, I didn't mean to imply
> that either of them is unimportant and shouldn't be worried
> about. However, it is important IMO to distinguish between
> the relative threat level, and that does include taking
> stock of the frequency of occurrence.
> Like you, I get keyhole scanned several times a day,
> people looking for Sub-7 or RPC or whatever. In fact, my own
> ISP scans me for running an NNTP server at least once a day. :)
> Yet...I don't think I've ever been nmap'd into a denial of
> service. Though there was that time when I unleased a Nessus
> scan on my firewall from www.vulnerabilities.org, just to see
> what'd happen. Ug.
>
> Which gets to your original question: no, until your
> post, I've never heard that Xvnc can be DoS'd with an nmap
> scan. I'd be very much interested, as you would be, if that
> could be confirmed. I don't run Xvnc here, so all the help
> I can offer has been.
> Good luck!
>
> cheers,
> Scott
>
> On Thu, 17 May 2001, Mike Miller wrote:
>
> > On Wed, 16 May 2001, Scott C. Best wrote:
> >
> > > > If I run nmap on another machine as follows:
> > > >
> > > > nmap -p 6001 host.machine
> > >
> > > Instead of running nmap on all those ports (the -p <number>,
> > > without the number, scans all the low numbered ports <1024, plus any
> > > that come with the nmap config files) have you tried just running it
> > > against the 5801/5901 ports? That'd be interesting to see if it
> > > crashed your Xvnc again.
> >
> > I haven't tried it, but I don't like to crash it. Maybe someone else can
> > try it.
> >
> >
> > > > This is a very serious problem because it means that a port scan will
> > > > kill my VNC session. This has happened to me more than once, but I
> > > > didn't realize it until I scanned myself. It means that anyone in the
> > > > world can block my use of VNC.
> > > >
> > > > If there is some way I can protect myself, please let me know.
> > >
> > > Actually, in my experience, an nmap scan like this is rather
> > > unlikely in the "real world".
> >
> > Like you, I'm in the "real world." It happens sometimes. If by
> > 'unlikely' you mean that it doesn't happen often, I agree. If you mean
> > "unlikely to happen ever," then I disagree. Lately I've been getting
> > scans like this from China. As you suggested, they are not subtle. I
> > monitor several machines, so almost nothing seems subtle to me. The fact
> > that their activities are obvious doesn't seem to worry most of these
> > attackers.
> >
> > Yes, I could put up a firewall.
> >
> > This brings me to my original question: Is port 60xx DoS attack a known
> > VNC problem?
> >
> > (I'm not criticizing VNC.)
> >
> > Mike
>
> ------------------------------
>
> Date: Thu, 17 May 2001 19:07:22 +0200
> From: Jan Bletz <[EMAIL PROTECTED]>
> Subject: Connecting to my (small) office network (ADSL problem?)
>
> VNC is a great programme!
>
> But: how can I connect to my office network? I have 3 computers,
> permanently connected with ethernetcards and to the internet (an ADSL
> connected). According to WIN VNC, my IP-address is 10.0.0.10,
> 194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I am
> not able to connect, for some reason. (I can reach the computer when it is
> directly connected to the internet by modem).
>
> I looked through the mailing list archives, but didn't find an answer. (Or
> maybe I did, but didn't understand!) Maybe someone can help? Or do you know
> of a programme I should use instead?
>
> jan
>
> - ----------
> "Half of what I say is meaningless, but I say it just to reach you..."
>
> Werk:
> Jan Bletz Teksten & Onderzoek/Info Pro
> Vossiusstraat 50, 1071 AK Amsterdam
> Tel: 020-4707444/0653-213324
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Privi:
> Zeeburgerkade 764, 1019 HT Amsterdam
> Tel: 020-6635844
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Info Pro: www.xs4all.nl/~jan, eYe: www.eyesite.nl, PartInvest:
> www.partinvest.nl, Freeler: www.freeler.nl
>
> Afspraak maken? Zie http://calendar.yahoo.com/public/janbletz voor mijn
> planning.
> Want to make an appointment? See http://calendar.yahoo.com/public/janbletz
> for my schedule.
>
> ------------------------------
>
> Date: Thu, 17 May 2001 12:17:41 -0500
> From: "Mac Reiter" <[EMAIL PROTECTED]>
> Subject: Re: VNC vs Tridia
>
> >> I see that Tridia has more encoding options (adding compression), but AT&T
> >> VNC is ported to more platforms. Fine. But as my primary use is 100%
> >> "wintel" << yeah, yeah, *nix is much better, but I'm a corporate IT guy
> >> that has to support an infrastructure of wintel boxes---cut me some slack,
> >> OK ;-) >> and both suites exist for that platform, I'd *really* like to
> >> know why some of you have mixed installations. Basically, if you're using
> >> Tridia to get better WAN/dialup inet performance, why keep AT&T VNC around
> >> for the LAN side? What's to be gained by a mixed VNC infrastructure?
>
> Handy to have Tridia Server installed so that external/slow access can use
> the Tridia Client and get compression. Internal/fast access users will
> probably prefer the floppy-sized AT&T installer (or, even better, simply
> copying the ~115KB viewer executable) over the 5-6MB Tridia installer
> (which also installs a Java runtime just to execute its install script, and
> leaves it around so that it can execute its uninstall script later).
> Technically, if you only want the viewer, the Tridia Client can also be
> "installed" by simply copying the executable, but some people prefer to
> have a "real" install program...
>
> That's about the only thing I can think of.
> Mac
> _____________________________ /"\
> Mac Reiter \ / ASCII Ribbon Campaign
> Nomadics, Inc. X Against HTML Mail
> [EMAIL PROTECTED] / \ (To join the campaign, simply use
> this in your signature.)
>
> ------------------------------
>
> Date: Thu, 17 May 2001 12:26:14 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: re: nmap to port 6001 kills vnc session...
>
> On Thu, 17 May 2001, Scott C. Best wrote:
>
> > Hello! I'm sorry that my suggestions don't sound appealing to
> > you. It sounds like you found a potential weakness in a VNC system,
> > but are dis-inclined to gather more data about the particulars. My
> > experience with open source projects over the years is that the person
> > who calls in the fire is often expected to help aim the hose. :)
>
> I'm sorry that I seemed ungrateful. I was hoping for one of the
> developers to respond. Thanks for getting back to me.
>
> So I did what you wanted and tried nmap to 5801 and to 5901. Neither had
> any effect on the operation of Xvnc. It's only 6001.
>
> Now what I really mean is that VNC running on display :1 is destroyed when
> I nmap port 6001, but VNC for display :7 is destroyed if I nmap port 6007.
> What I mean by 'destroyed' is that if vncviewer was showing that display,
> it immediately stops taking input, and if vncviewer wasn't up, it can no
> longer connect to the server at all (for that display).
>
> > Like you, I get keyhole scanned several times a day, people
> > looking for Sub-7 or RPC or whatever. In fact, my own ISP scans me for
> > running an NNTP server at least once a day. :) Yet...I don't think
> > I've ever been nmap'd into a denial of service.
>
> I have. From China about two weeks ago. They sent 30,214 packets.
> (Maybe they checked that many ports, but my iplog doesn't keep track of
> all of it.) As you said, it was not subtle. See appended info. They
> managed to crack into my machine, but in a fairly lame way (as daemon but
> not as root), so I got rid of them easily.
>
> > Which gets to your original question: no, until your post, I've
> > never heard that Xvnc can be DoS'd with an nmap scan. I'd be very much
> > interested, as you would be, if that could be confirmed. I don't run
> > Xvnc here, so all the help I can offer has been.
>
> Thanks.
>
> Mike
>
> May 5 10:15:59 ICMP: echo from 202.103.98.115 (16 bytes)
> May 5 10:15:59 TCP: tcpmux connection attempt from 202.103.98.115:4104
> May 5 10:15:59 TCP: port 2 connection attempt from 202.103.98.115:4105
> May 5 10:15:59 TCP: port 3 connection attempt from 202.103.98.115:4106
> May 5 10:15:59 TCP: port 4 connection attempt from 202.103.98.115:4107
> May 5 10:15:59 TCP: port 5 connection attempt from 202.103.98.115:4108
> May 5 10:15:59 TCP: port 6 connection attempt from 202.103.98.115:4109
> May 5 10:15:59 TCP: port 8 connection attempt from 202.103.98.115:4111
> May 5 10:15:59 TCP: port 10 connection attempt from 202.103.98.115:4113
> May 5 10:15:59 TCP: systat connection attempt from 202.103.98.115:4114
> May 5 10:15:59 TCP: port 12 connection attempt from 202.103.98.115:4115
> May 5 10:15:59 TCP: port 14 connection attempt from 202.103.98.115:4117
> May 5 10:15:59 TCP: netstat connection attempt from 202.103.98.115:4118
> May 5 10:15:59 TCP: port 16 connection attempt from 202.103.98.115:4119
> May 5 10:15:59 TCP: port 18 connection attempt from 202.103.98.115:4121
> May 5 10:15:59 TCP: port scan detected from 202.103.98.115
> May 5 10:36:29 TCP: port scan mode expired for 202.103.98.115 - received a total of
>30214 packets (845992 bytes).
>
> ------------------------------
>
> Date: Thu, 17 May 2001 12:36:12 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Jan,
>
> >But: how can I connect to my office network? I have 3 computers,
> >permanently connected with ethernetcards and to the internet (an ADSL
> >connected). According to WIN VNC, my IP-address is 10.0.0.10,
> >194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I am
> >not able to connect, for some reason. (I can reach the computer when it is
> >directly connected to the internet by modem).
>
> it's not clear how your office network is addressed, nor the connection or
> route between client and server machines (the 10.x.x.x address isn't
> publicly routed, and the 1.x.x.x isn't likely a legal one either).
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 20:10:58 +0200
> From: Jan Bletz <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Thank you!
>
> But how do you find out what the right address is?!? According to my
> provider, it is 194.109.244.216. But if I enter this address, VNC doesn't
> find it.
>
> That's progress for you!
>
> jan
>
> At 12:36 PM 5/17/2001 -0500, you wrote:
> >Jan,
> >
> >>But: how can I connect to my office network? I have 3 computers,
> >>permanently connected with ethernetcards and to the internet (an ADSL
> >>connected). According to WIN VNC, my IP-address is 10.0.0.10,
> >>194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I am
> >>not able to connect, for some reason. (I can reach the computer when it is
> >>directly connected to the internet by modem).
> >
> >it's not clear how your office network is addressed, nor the connection or
> >route between client and server machines (the 10.x.x.x address isn't
> >publicly routed, and the 1.x.x.x isn't likely a legal one either).
> >--
> >Jim Millard
> >Kansas City, MO USA
> >http://www.millard.org/
> >---------------------------------------------------------------------
> >To unsubscribe, send a message with the line: unsubscribe vnc-list
> >to [EMAIL PROTECTED]
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>
> - ----------
> "Half of what I say is meaningless, but I say it just to reach you..."
>
> Werk:
> Jan Bletz Teksten & Onderzoek/Info Pro
> Vossiusstraat 50, 1071 AK Amsterdam
> Tel: 020-4707444/0653-213324
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Privi:
> Zeeburgerkade 764, 1019 HT Amsterdam
> Tel: 020-6635844
> Fax: 020-4707445
> E-mail: [EMAIL PROTECTED]
>
> Info Pro: www.xs4all.nl/~jan, eYe: www.eyesite.nl, PartInvest:
> www.partinvest.nl, Freeler: www.freeler.nl
>
> Afspraak maken? Zie http://calendar.yahoo.com/public/janbletz voor mijn
> planning.
> Want to make an appointment? See http://calendar.yahoo.com/public/janbletz
> for my schedule.
>
> ------------------------------
>
> Date: Thu, 17 May 2001 13:35:11 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Jan,
>
> >But how do you find out what the right address is?!? According to my
> >provider, it is 194.109.244.216. But if I enter this address, VNC doesn't
> >find it.
> >
> >That's progress for you!
>
> Which machine/device/host has the 194.109.x.x address? If your provider is
> giving it to you, then that's ONE address, although you mention 3 boxes in
> your first post. Is that address assigned to a broadband router, or your
> own machine (with a DSL "modem")? What's the IP of the other machines you
> mention? Are either one a machine you want to run the client from, or is
> there a 4th machine in the mix?
>
> Before you worry about getting VNC to connect, you need to make sure that
> the machines in question can route to each other: can you ping from one to
> the other (and vice-versa)? Are there any firewalls or NAT/NPT'ing gateways
> that're filtering inbound traffic?
> - --
> Jim Millard
> Kansas City, MO USA
> http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 13:33:27 -0500
> From: Michael Procter <[EMAIL PROTECTED]>
> Subject: Re: nmap to port 6001 kills vnc session...
>
> Mike Miller wrote:
>
> > On Wed, 16 May 2001, Scott C. Best wrote:
> >
> > > > If I run nmap on another machine as follows:
> > > >
> > > > nmap -p 6001 host.machine
> > >
> > > Instead of running nmap on all those ports (the -p <number>,
> > > without the number, scans all the low numbered ports <1024, plus any
> > > that come with the nmap config files) have you tried just running it
> > > against the 5801/5901 ports? That'd be interesting to see if it
> > > crashed your Xvnc again.
> >
> > I haven't tried it, but I don't like to crash it. Maybe someone else can
> > try it.
> >
>
> Mike, I did against a couple of my Linux boxes and had no problems, whether
> the viewer was open or not.
>
> >
> > This brings me to my original question: Is port 60xx DoS attack a known
> > VNC problem?
> >
> > (I'm not criticizing VNC.)
> >
>
> Really, I've nmapped machines running vnc all the time -- that's how I
> noticed I was running one I didn't aim to be running the other day. I've
> never seen one crash due to the nmap. RPM tells me I have vnc-3.3.3r2-4 for
> what it's worth.
>
> Michael Procter
> [EMAIL PROTECTED]
>
> ------------------------------
>
> Date: Thu, 17 May 2001 14:40:37 -0700
> From: "Lee Allen" <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> > But how do you find out what the right address is?!? According to my
> > provider, it is 194.109.244.216. But if I enter this address, VNC doesn't
> > find it.
>
> If you have DSL, there is a very good chance you have a DSL modem/firewall.
> And this device is probably performing NAT: Network Address translation. If
> that's the case, two things have to be done:
> 1) you have to know the real, public IP address of your network (that may
> be the 194.x.x.x address)
> 2) your DSL modem/firewall must recognize the incoming VNC connections and
> redirect them to the internal IP addresses.
>
> I think the first step is to go to your ISP and ask them your public IP
> address(es), and whether you have NAT, and if so, whether your firewall can
> be configured to redirect (aka port forwarding).
>
> Quick explanation of NAT:
> your PCs each have a unique IP address, often in the 192.168.0.x range (but
> in your case probly the 10.0.0.x range)
> your DSL router has two sides: a public (external) side and a private
> (internal) side
> on the public side it has a real public Internet IP address
> on the private side it has a private ('fake') IP address in the same range
> as your PCs (maybe 10.0.0.1)
> for every packet going through the firewall, the firewall converts the IP
> addresses public <--> private
> this provides 2 benefits:
> - - even though you have 3 PCs your ISP only utilizes 1 IP address (and they
> are becoming scarce)
> - - protection from crackers
>
> Think of this like an office phone system. You could have 100 different
> internal numbers (extensions) but only 1 phone line.
>
> - -Lee Allen
>
> > At 12:36 PM 5/17/2001 -0500, you wrote:
> > >Jan,
> > >
> > >>But: how can I connect to my office network? I have 3 computers,
> > >>permanently connected with ethernetcards and to the internet (an ADSL
> > >>connected). According to WIN VNC, my IP-address is 10.0.0.10,
> > >>194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I
> am
> > >>not able to connect, for some reason. (I can reach the computer when it
> is
> > >>directly connected to the internet by modem).
> > >
> > >it's not clear how your office network is addressed, nor the connection
> or
> > >route between client and server machines (the 10.x.x.x address isn't
> > >publicly routed, and the 1.x.x.x isn't likely a legal one either).
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:11:25 +0200
> From: Harmen van der Wal <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Lee Allen wrote:
> >
> > > But how do you find out what the right address is?!? According to my
> > > provider, it is 194.109.244.216. But if I enter this address, VNC doesn't
> > > find it.
> >
> > If you have DSL, there is a very good chance you have a DSL modem/firewall.
> > And this device is probably performing NAT: Network Address translation. If
> > that's the case, two things have to be done:
> > 1) you have to know the real, public IP address of your network (that may
> > be the 194.x.x.x address)
> > 2) your DSL modem/firewall must recognize the incoming VNC connections and
> > redirect them to the internal IP addresses.
> >
> > I think the first step is to go to your ISP and ask them your public IP
> > address(es), and whether you have NAT, and if so, whether your firewall can
> > be configured to redirect (aka port forwarding).
> >
> > Quick explanation of NAT:
> > your PCs each have a unique IP address, often in the 192.168.0.x range (but
> > in your case probly the 10.0.0.x range)
> > your DSL router has two sides: a public (external) side and a private
> > (internal) side
> > on the public side it has a real public Internet IP address
> > on the private side it has a private ('fake') IP address in the same range
> > as your PCs (maybe 10.0.0.1)
> > for every packet going through the firewall, the firewall converts the IP
> > addresses public <--> private
> > this provides 2 benefits:
> > - even though you have 3 PCs your ISP only utilizes 1 IP address (and they
> > are becoming scarce)
> > - protection from crackers
> >
> > Think of this like an office phone system. You could have 100 different
> > internal numbers (extensions) but only 1 phone line.
> >
> > -Lee Allen
> >
> > > At 12:36 PM 5/17/2001 -0500, you wrote:
> > > >Jan,
> > > >
> > > >>But: how can I connect to my office network? I have 3 computers,
> > > >>permanently connected with ethernetcards and to the internet (an ADSL
> > > >>connected). According to WIN VNC, my IP-address is 10.0.0.10,
> > > >>194.109.244.216, 1.0.0.1 (the first computer in the network, that is). I
> > am
> > > >>not able to connect, for some reason. (I can reach the computer when it
> > is
> > > >>directly connected to the internet by modem).
> > > >
> > > >it's not clear how your office network is addressed, nor the connection
> > or
> > > >route between client and server machines (the 10.x.x.x address isn't
> > > >publicly routed, and the 1.x.x.x isn't likely a legal one either).
>
> Just guessing...
>
> - ---------|----------------------|---------------ppp0
> 10.0.0.138 10.0.0.xxx 194.109.244.216
> adsl modem eth0
>
> 192.1.0.xxx (LAN)
> eth1
>
> Ok, I'm not that smart: this is what I have.
>
> An account with 4 (routable) IP adresses is also possible (adsl fast
> old? style).
>
> Jan, I think you should bind WinVNC to the dial-up interface.
>
> - --
> Harmen
> http://www1.tip.nl/~t515027/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 14:28:22 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: Re: nmap to port 6001 kills vnc session...
>
> On Thu, 17 May 2001, Michael Procter wrote:
>
> > Mike, I did against a couple of my Linux boxes and had no problems,
> > whether the viewer was open or not.
>
> Thanks. I tried a different Sun and it did *not* crash. That Sun is
> running Solaris 2.5.1 while the others were running Solaris 2.6. All
> machines are running Xvnc v3.3.3, so I guess it's a problem with Solaris
> 2.6, unless it's a difference in something that was used to compile Xvnc.
> I think I compiled all of the Xvncs myself.
>
> > Really, I've nmapped machines running vnc all the time -- that's how I
> > noticed I was running one I didn't aim to be running the other day.
> > I've never seen one crash due to the nmap. RPM tells me I have
> > vnc-3.3.3r2-4 for what it's worth.
>
> Thanks. I guess it's a Solaris 2.6 problem. I'll let you all know if I
> ever figure out more than that.
>
> Regards,
>
> Mike
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:29:18 +0200
> From: Harmen van der Wal <[EMAIL PROTECTED]>
> Subject: Re: Connecting to my (small) office network (ADSL problem?)
>
> Harmen van der Wal wrote:
> >
> > Jan, I think you should bind WinVNC to the dial-up interface.
> >
>
> Sorry, that is probably incorrect. Please ignore.
>
> - --
> Harmen
> http://www1.tip.nl/~t515027/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 15:47:30 -0400
> From: "William Arbuckle" <[EMAIL PROTECTED]>
> Subject: RE: HELP me please, vnc on windows nt but the users always close the vnc
>client
>
> TridaVNC does this......................
>
> FYI
> William
>
> ------------------------------
>
> Date: Thu, 17 May 2001 16:47:00 -0400
> From: Grant McDorman <[EMAIL PROTECTED]>
> Subject: Re: nmap to port 6001 kills vnc session...
>
> 600x is the X server port. It has known vunerabilities (XFree86, for example
> had a simple one-packet DoS attack on its port; this is probably still
> present in Xvnc, since it's based on XFree86).
>
> The X security is not very strong, either; what's more, people often turn it
> off (the command 'xhost +').
>
> Unless you are sending X traffic through the Internet, I would suggest that
> you do not open those ports through your firewall. You certainly don't need
> them open if you're using only a VNC viewer remotely.
>
> According to Mike Miller:
> > On Thu, 17 May 2001, Scott C. Best wrote:
> >
> > > Hello! I'm sorry that my suggestions don't sound appealing to
> > > you. It sounds like you found a potential weakness in a VNC system,
> > > but are dis-inclined to gather more data about the particulars. My
> > > experience with open source projects over the years is that the person
> > > who calls in the fire is often expected to help aim the hose. :)
> >
> > I'm sorry that I seemed ungrateful. I was hoping for one of the
> > developers to respond. Thanks for getting back to me.
> >
> > So I did what you wanted and tried nmap to 5801 and to 5901. Neither had
> > any effect on the operation of Xvnc. It's only 6001.
> >
> > Now what I really mean is that VNC running on display :1 is destroyed when
> > I nmap port 6001, but VNC for display :7 is destroyed if I nmap port 6007.
> > What I mean by 'destroyed' is that if vncviewer was showing that display,
> > it immediately stops taking input, and if vncviewer wasn't up, it can no
> > longer connect to the server at all (for that display).
> >
> >
> > > Like you, I get keyhole scanned several times a day, people
> > > looking for Sub-7 or RPC or whatever. In fact, my own ISP scans me for
> > > running an NNTP server at least once a day. :) Yet...I don't think
> > > I've ever been nmap'd into a denial of service.
> >
> > I have. From China about two weeks ago. They sent 30,214 packets.
> > (Maybe they checked that many ports, but my iplog doesn't keep track of
> > all of it.) As you said, it was not subtle. See appended info. They
> > managed to crack into my machine, but in a fairly lame way (as daemon but
> > not as root), so I got rid of them easily.
> >
> >
> > > Which gets to your original question: no, until your post, I've
> > > never heard that Xvnc can be DoS'd with an nmap scan. I'd be very much
> > > interested, as you would be, if that could be confirmed. I don't run
> > > Xvnc here, so all the help I can offer has been.
> >
> > Thanks.
> >
> > Mike
> >
> >
> > May 5 10:15:59 ICMP: echo from 202.103.98.115 (16 bytes)
> > May 5 10:15:59 TCP: tcpmux connection attempt from 202.103.98.115:4104
> > May 5 10:15:59 TCP: port 2 connection attempt from 202.103.98.115:4105
> > May 5 10:15:59 TCP: port 3 connection attempt from 202.103.98.115:4106
> > May 5 10:15:59 TCP: port 4 connection attempt from 202.103.98.115:4107
> > May 5 10:15:59 TCP: port 5 connection attempt from 202.103.98.115:4108
> > May 5 10:15:59 TCP: port 6 connection attempt from 202.103.98.115:4109
> > May 5 10:15:59 TCP: port 8 connection attempt from 202.103.98.115:4111
> > May 5 10:15:59 TCP: port 10 connection attempt from 202.103.98.115:4113
> > May 5 10:15:59 TCP: systat connection attempt from 202.103.98.115:4114
> > May 5 10:15:59 TCP: port 12 connection attempt from 202.103.98.115:4115
> > May 5 10:15:59 TCP: port 14 connection attempt from 202.103.98.115:4117
> > May 5 10:15:59 TCP: netstat connection attempt from 202.103.98.115:4118
> > May 5 10:15:59 TCP: port 16 connection attempt from 202.103.98.115:4119
> > May 5 10:15:59 TCP: port 18 connection attempt from 202.103.98.115:4121
> > May 5 10:15:59 TCP: port scan detected from 202.103.98.115
> > May 5 10:36:29 TCP: port scan mode expired for 202.103.98.115 - received a
> total of 30214 packets (845992 bytes).
> > ---------------------------------------------------------------------
> > To unsubscribe, send a message with the line: unsubscribe vnc-list
> > to [EMAIL PROTECTED]
> > See also: http://www.uk.research.att.com/vnc/intouch.html
> > ---------------------------------------------------------------------
>
> - --
>
> - -Grant "Kamisama" McDorman, Senor Software Design Tipster[1], Advanced
> AppleCations
>
> [1] Consultant: A tipster disguised as an oracle, especially one who
> has learned to decamp at high speed in spite of the
> large briefcase and heavy wallet.
> - Stan Kelly-Bootle, _The Devil's DP Dictionary_
>
> Fortune Cookie of the Moment:
> People will accept your ideas much more readily if you tell them that
> Benjamin Franklin said it first.
>
> [demime 0.97b removed an attachment of type application/pgp-signature]
>
> ------------------------------
>
> Date: Fri, 18 May 2001 00:04:56 +0200
> From: "Bo Berglund" <[EMAIL PROTECTED]>
> Subject: How to install VNC on remote machine
>
> I need to install a GUI interface to a W2000 Pro machine so I can administrate
> it remotely.
> I think that VNC will be possible to use, since I cannot use Terminal Server
> because the machine is a workstation and not a server.
> The problem I have is that it is 6000 miles away and I can only get to it
> through a VPN tunnel over the Internet. I have already installed Remote
> Console so I can get to a command prompt on that machine and I can map drive
> letters to the admin shares C$ and D$.
> So basically I can do whatever is possible in the way of copying files and
> giving command line commands.
>
> But I cannot run an InstallShield setup.exe program to get the VNC server
> installed, because that is a GUI thing. Catch 22!
>
> So my question is:
> Is it possible to install the VNC server on that machine without physically
> travelling overseas to its keyboard?
> If so, how is it accomplished??
>
> Obviously I am the admin of that machine.
>
> /Bo Berglund
>
> ------------------------------
>
> Date: Thu, 17 May 2001 15:32:40 -0700
> From: "Brian Street" <[EMAIL PROTECTED]>
> Subject: RedHat 7.0 and VNC
>
> Hello,
>
> The problems continue ...
>
> I've managed to get VNC running on Solaris 8 and RedHat 6.2 and still have
> Solaris 2.6 and RedHat 7.0.
>
> I haven't started the Solaris 2.6 yet, but the RedHat 7.0 machine is giving
> me quite the fits.
>
> RedHat 7.0 is running xinetd and I converted my inetd.conf entry to the
> xinetd format with a script inetdconvert. I'm unable to resolve the
> "invalid protocol" error.
>
> I thought I saw a post about IPv6 causing this problem but am unable to
> locate it. Am I headed in the right direction?
>
> Thanks,
> Brian Street.
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:38:01 -0400
> From: "Rob Cornelius" <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> Try a free e-mailing client that can sent a e-mail message to you with your
> ip address. you can have your pc create a text file with the ip address by
> using the command /? at the end of the winipcfg or ipconfig command.
>
> Use the > symbol followed by the file name you want created:
>
> for example dir >c:\dir.txt will create the text file showing the directory
> list
>
> Rob
>
> >From: "Steve Godfrey" <[EMAIL PROTECTED]>
> >Reply-To: [EMAIL PROTECTED]
> >To: <[EMAIL PROTECTED]>
> >Subject: Obtaining IP address over internet
> >Date: Thu, 17 May 2001 08:44:00 +0100
> >
> >I wank to VNC to my home PC from work over the internet, My dial-up modem
> >connection is occasionally dropped and the IP address will change every
> >time
> >the PC reconnects. Any suggestion for obtaining my IP address remotely?
> >
> >Thanks
> >
> >
> >Steve Godfrey
> >WAN Team
> >---------------------------------------------------------------------
> >To unsubscribe, send a message with the line: unsubscribe vnc-list
> >to [EMAIL PROTECTED]
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
> ------------------------------
>
> Date: Thu, 17 May 2001 21:24:15 -0500
> From: Jim Millard <[EMAIL PROTECTED]>
> Subject: Re: How to install VNC on remote machine
>
> >So my question is:
> >Is it possible to install the VNC server on that machine without physically
> >travelling overseas to its keyboard?
> >If so, how is it accomplished??
>
> 1) install the package to your own local machine
> 2) start the WinVNC server with the password you want on the remote machine
> 3) copy the contents of the local directory to the remote machine
> 4) copy %windir%\system32\omnithread_rt.dll to the remote machine
> 5) on the remote console, run "winvnc -install" (no quotes)
> 6) using regedt32, open the remote machine's registry and copy *exactly*
> the following registry entry from your box (you'll have to create some keys):
> Key: HKLM\SOFTWARE\ORL\WinVNC3\Default
> Value: Password
> Type: BINARY
> Content: password hash from your machine
> 7) on the remote console, run 'net start "vnc server"'
>
> It should let you connect just fine. You'll end up with all the defaults
> because the only thing you "pre set" was the password, but once you're on
> it via GUI, you can further refine the settings using the GUI dialog box.
>
> >Obviously I am the admin of that machine.
> >
> >/Bo Berglund
> >---------------------------------------------------------------------
> >To unsubscribe, send a message with the line: unsubscribe vnc-list
> >to [EMAIL PROTECTED]
> >See also: http://www.uk.research.att.com/vnc/intouch.html
> >---------------------------------------------------------------------
>
> - --
> Jim Millard
> +--------------------------------------------------------------+
> Kansas City, MO http://www.millard.org/
>
> ------------------------------
>
> Date: Thu, 17 May 2001 23:38:31 -0500 (CDT)
> From: Mike Miller <[EMAIL PROTECTED]>
> Subject: Re: Obtaining IP address over internet
>
> On Thu, 17 May 2001, Rob Cornelius wrote:
>
> > Try a free e-mailing client that can sent a e-mail message to you with
> > your ip address. you can have your pc create a text file with the ip
> > address by using the command /? at the end of the winipcfg or ipconfig
> > command.
> >
> > Use the > symbol followed by the file name you want created:
> >
> > for example dir >c:\dir.txt will create the text file showing the
> > directory list
>
> On Win98 (what I'm using), I'd have to use this command:
>
> winipcfg /Batch c:\dir.txt
>
> the /? is not supported, but with /Batch, no redirection is needed, it
> goes straight to the file. If no name is given, it goes to winipcfg.out
> in the default directory.
>
> Mike
>
> ------------------------------
>
> End of vnc-list-digest V1 #1136
> *******************************
>
> To stop receiving this digest, mail [EMAIL PROTECTED]
> with the line 'unsubscribe vnc-list-digest' in the message BODY
> See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
