Is it possible to tunnel VNC over HTPP to go through a firewall

Rasmus Emil Møller AER "at"
Tue, 14 Nov 2000 09:47:39 +0000

Angel R. Puerta" <puerta "at"> wrote:

>I have a situation where the vnc server is behind a firewall that has only
>standard ports open (such as the http ports). The vnc client is outside
>firewall and the fw is not allowing the 5800 and 5900 traffic required
>using the java applet on a web browser to run vnc. We are using windows
>2000 on the server side and win 98/nt/2000 on the client side (outside
>Has anyone come up with a solution to this problem? Can all the traffic be
>tunneled through http? or is there an appropriate solution for this
>in the windows environment?

The short answer is yes - any single TCP port can be tunneled with the free
software httptunnel :

I don't know anything about the guys who make it - though it looks fine to
small, compact and efficient code - binaries for windows exist also.

It requires HTS.EXE running on the machine outside the firewall/proxy
and HTC.EXE on the machine inside. I made a shot through our test-proxy,
and it worked fine. It should be easy to include other tunnels like Zebedee
in the chain - only caveat may be increased latency.

As my group is also in charge of firewall/proxy security, I have hesitated
to broadcast the availability of such tools - however, it _is_ a false
of security to rely on HTTP proxy. Any program/user can make two-way data
transfers through it. There is even a commercial niche for firms, who
sell proxy/firewall/socks penetration services - for example

I hope I have not opened Pandora's Box ... but I think we should do better
than hoping for Security Through Ignorance.


Rasmus Mxller
IT System Programming PC
To unsubscribe, send a message with the line: unsubscribe vnc-list
to majordomo "at"
See also: