There is a documented setting in the VNC Server to allow internal loopback connections. I don't remember what it is offhand, but it is described in the section detailing how to create a secure connection.
> -----Original Message----- > From: Michael Ossmann [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, January 16, 2002 12:26 > To: [EMAIL PROTECTED] > Subject: Re: Providing (Windows) VNC support to clients that > have strict > corporate firewalls > > > On Wed, Jan 16, 2002 at 02:40:16PM -0500, Chuck Renner wrote: > > > > Since VNCviewer states, "Internal loopback connections are > not allowed", the > > implication is that there is a setting that WILL allow > them, either in the > > source, or in the GUI settings. Is this the case? > > I wasn't expecting this. I have no idea why loopback connections > wouldn't be allowed, and I suspect a source code change would be > required to change it. Anyone? > > > 2. Opening the SSH connection from the client to the > SSHD your Linux > > firewall is effectively like creating a VPN connection from > the client to > > your network. This opens a huge security hole in your > network, and gives > > someone on the client's network the ability to snoop around > your network > > when the connection is made. > > One of the advantages of using public key authentication is > that OpenSSH > can limit port forwarding to particular host:port > combinations specified > by the permitonly option in the authorized_keys file. > > -- > Mike Ossmann, Tarantella/UNIX Engineer/Instructor > Alternative Technology, Inc. http://www.alttech.com/ > --------------------------------------------------------------------- > To unsubscribe, mail [EMAIL PROTECTED] with the line: > 'unsubscribe vnc-list' in the message BODY > See also: http://www.uk.research.att.com/vnc/intouch.html > --------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
