Restricting host accesses
Nick Kay
nick "at" nexnix.co.uk
Tue, 28 Apr 1998 14:17:29 +0000
>>>>
<excerpt>From: Matthias Nott
To: VNC List
Subject: Restricting host accesses
Date: Tue, 28 Apr 1998 08:28:02 +0100
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4
Sender: owner-vnc-list "at" orl.co.uk
<fontfamily><param>Arial</param><smaller>Hello all,
</smaller></fontfamily>
<fontfamily><param>Arial</param><smaller>I don't see the point: It is not
difficult at all to include some code in
vncserver directly to restrict access from certain ip addresses, as
long
as vncserver knows which ip address is trying to make a connection.
Just include some Listbox in the configuration dialog and store the
banned ip addresses in the registry (in order to avoid to have some
database handling) - for windoze95/nt, i mean.
</smaller></fontfamily>
<fontfamily><param>Arial</param><smaller>Cheers
</smaller></fontfamily>
<fontfamily><param>Arial</param><smaller>Matthias
</smaller></fontfamily>
</excerpt><<<<<<<<
A better idea than the ".vncaccess" (was htaccess) method - as long as
the
address list is retained during vncserver stop/start or Windows (95/NT)
reboot.
Until a security mechanism like this is in place I cannot install VNC on
any
of my clients machines, which is a real shame because VNC is perfect
for
the remote admin (ie over the Net) of NT servers.
I would like to emphasise that this function is _needed_ on the Windows
port,
the Unix port can be protected using tcpwrappers (as everyone kindly
suggested ;) )
Regards,
Nick Kay,
NexNix Ltd, 1 TriStar Business Centre, Star Road,
Partridge Green, West Sussex, England. RH13 8RY
mailto://nick@nexnix.co.uk, http://www.nexnix.co.uk
Voice: +44 (0) 1403-713131, Fax: +44 (0) 1403-713132