Binding VNC to a nic on a multi nic system

Alex Heylin aheylin "at" cix.co.uk
Mon, 07 Jun 1999 23:13:11 +0000 

Why not do this properly and use your firewall to only allow access to th=
e
ports on the external card that you want to use, eg 80 for www, etc etc...

If you can connect from the Net to any port on "external" card in that
server, then you have a security problem already.  I suggest you stop peo=
ple
getting to the box, unless allowed to do so - eg to port 80.

Just my =A30.02 worth...


Alex Heylin

----- Original Message -----
From: Matthew Drouin <matt "at" webhosters.com>
To: <vnc-list "at" uk.research.att.com>
Sent: Sunday, June 06, 1999 6:41 PM
Subject: Binding VNC to a nic on a multi nic system


> Hello--
>     I have been looking all to see if vnc already supports binding to a
> single nic on a multiple nic system. The gist of it is that there are 2
> network cards in all the web servers for a company I am doing some
> consulting for. One nic is an internal card (for the internal network) =
and
> one is a real world card (for the internet). It would be awesome if it =
was
> possible to bind it such that only connections from the internal nic co=
uld
> be made to the vnc server. The reason I want this is so that I can dial
into
> the local network and vnc to the machines without having to worry about
> people from the internet being able to connect to the machines. I don't
> think that denying ip's will work because it so happens the internal
network
> is 125.1. which I think is routable on the internet so I would deny all
> besides that and if someone was from that subnet then they could still =
get
> in. But I could be incorrect and if I am that would be very kewl. I als=
o
> know adding in the binding is not a hard thing to do but why do it if i=
ts
> already done and I just missed it in the documentation.
>
> Thanks
> Matthew Drouin
> matt "at" webhosters.com
> Definitive Guide to World Wide Web Providers
>
>
> ---------------------------------------------------------------------
> The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.h=
tml
> ---------------------------------------------------------------------
>


---------------------------------------------------------------------
The VNC mailing list - see http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------