Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Some VNC doubts : access server behind TCP/IP proxy or gateways

From: Raghu Chinthoju <raghu.chinthoju () gmail com>
Date: Tue, 5 Jul 2005 14:03:37 +0530
VNC supports reverse connections, check http://www.tinyapps.org/vnc/

But then, you need some sort of trigger from road warrior side to run
"winvnc -connect <RW IP> on the server. I guess you can design the
best way for this based on your setup, may be via an ASP page or even
as simple as an email command.

If your gateways support some sort of client authentication, may be
its the best bet.

Raghu


On 7/5/05, Aditya Deshmukh <aditya.deshmukh () online gateway strangled net> wrote:

Hi List,

I have a very peculiar problem about accessing VNC server behind gateways
and proxy server...

Here is the background info...

I have a client who has pretty big vnc installation base mostly windows but
Linux and Solaris also includes.

Most of the Road Warriors have windows with vnc and ssh installed on them (
mostly winxp sp2 )

VNC is used to remote admin or support for some of the road warriors. But
most of the times when the VNC server is behind a gateway like this it wont
connect.

[ Internet ] -- [ Gateway ] --- [ Lan ]

The work about is to use the UltraVNC relay service, but if you don't have
any control over the gateway this becomes impossible to operate. And I hate
to open ports in the firewalls of the road warriors' computers.

Is there a way something like reverse shell that allows someone to connect
to a VNC server, behind gateway and through firewalls without opening any
holes in it or a tcp/ip proxy that is proxy that does not allow connections
from the internet ?

Basically, The user initiates the connection and the helpdesk can use the
same socket to the laptop for connection over VNC ( vnc encryption and
compression have already been taken care of, and only one socket is needed
for all this- for a firewall I would require only one hole )


Any help would be appreciated - aditya





________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: