Hi, tcp-wrappers, article

Cary B. O'Brien cobrien "at" access.digex.net
Fri, 13 Mar 1998 04:15:13 +0000


OK, I'm on the mailing list now.

Hi to all.  VNC is fantastic.  It really freaks people out
when I tell them to point their browsers to (whatever):5801 and
up pops a unix desktop.  Or a windows desktop.  Ok, so it is only
usable when both machines are fast, but it's slick.  And I really
like being able to get at my machine from anywhere in the company,
even when the clients (stupidly) don't have X.

Issue 1 (of 2).

I checked the mailing list archive, but I didn't see anything
about this so...

I've been thinking about the following additions.  

Background:

I have a front-end web server outside a firewall that I need to check
on daily.  I'd like to simply fire up vncserver, and start up a couple
of xterms with tail -f of the important logfiles, and leave it up.
That way every morning I could start up vncviewer, look at the
logfiles, make sure all is well, and disconnect.

But, since this machine is outside the firewall, I'd rather not
have outside hosts be able to even connect to Xvnc, even with the
password protection.

I've got two ideas:

1) Add a startup parameter that specifies what IP address to bind
   the listen address to (rather than IADDR_ANY).  This way I could bind 
   the listen address to 128.0.0.1 (loopback), and have a tcp-wrapper 
   protected netcat or redir listening for connections from my machine, 
   which would be  forwarded to Xvnc.  This would also be good for dual-homed 
   machines  in DMZ-type firewall setups.  This would allow connections only from
   the internal lan.

2) Build in source address based authentication using the library that
   comes with tcp_wrappers.

Comments? 


Issue 2:

I offered to write a short article about VNC for _The Linux Journal_.  This
will be just an overview of what VNC is, what can be done with it, and
how to get it.

I'd be interested in hearing from anyone who 

	1) wants to share success stories about vnc.
	2) wants to share information about the origin/history of vnc
	3) wants to give the article a once-over when it's written.  

Issue 2.1:

There was a (??) ACM(?) IEEE(?) Article about the RFB system
at olivetti about a year ago.  Does anyone have the reference?

Glad to meet you all...

Cary O'Brien
Washington DC

cobrien "at" access.digex.net