vnc w/ 4port Linksys DSL router

rh.ccm@juno.com rh.ccm "at" juno.com
Sun, 06 Jan 2002 20:57:36 +0000


Thank you, Michael.  That was most helpful.  I will try your suggestions
and see how it goes, hopefully early this week.

Randy
_______________________________________________________
> > Question 1:   I understand that I have to set port forwarding on the
dsl
> > router setup to port 5900 (or 59xx), but what address do I plug in to
be
> > forwarded?  I presume I use one of the addresses supplied by my ISP,
but
> > do I use the IP address, the Primary DNS, the Gateway, or the Subnet
> > Mask, or do I use the Destination LAN (DCHP) IP address?  I'm new at
> > networking, and a bit confused as to which address to use.

> 1) The "Service Port Range" needs to be set to 5900~5900.
> 2) The protocol must be set to TCP.
> 3) The IP address is the address of the host machine you want to 
> take over.
> 
> If this doesn't work, please note that you may have to open port 
> 5800 as well if you are using the Java viewer in a web browser. Try
looking 
> though the FAQ's for more information. The FAQ can be found at 
> http://www.uk.research.att.com/vnc/faq.html.
> 
> > Question 2:   The Linksys dsl router requires me to turn off DCHP 
> > to use Port Forwarding.  Am I loosing something important by doing
this?
> 
> Check again. Unless you are using one of the BETA revisions of the 
> firmware, you should not have to disable DHCP in order to enable 
> port forwarding.
> 
> DHCP is used to assign each of the computers on your network a 
> unique IP address. If all of the companies IP addresses are hard coded,
you do 
> not require DHCP.
> 
> Note that in some cases, DHCP will assign a different address to a 
> machine when that machine requests or tries to renew its address. If
this 
> happen, you will not be able to VNC though the router as the address
set 
> under forwarding will no longer correspond to the right machine, if any
at 
> all.  In this case, hard coded IP addresses will be the only way to
ensure 
> a consistent IP address. Note that only the machines running a VNC 
> host you will be connecting to will require a hard coded address.
> 
> Finally, if you plan on connecting to more than one machine on your 
> network though the Linksys, you will need to have them each setup on a 
> different port. For example, Jack's machine will be listening for a VNC

> connection on port 5900. Larry's might be on 5901, Mary's on 5902, etc.
In that 
> case, you will have to add a port forwarding entry on the Linksys for
each 
> machine, also specifying the appropriate IP address for each machine.
> 
> > Question 3:   By opening up port 5900 on the dsl router, am I also
> > opening up a hole in my firewall that a hacker (or whatever we're 
> > calling them) can detect and walk through?
> 
> Yes. Anytime you poke a hole in your firewall, you decreasing the 
> level of security of your network. As port 5900 is a well known port
for VNC, 
> one thing you might consider is to change it to a non-standard port. 
> This proposal is not foolproof but it will reduce the chances of being 
> detected by someone specifically scanning for machines running VNC on
port 
> 5900.
> 
> >Thanks for your help.
> 
> You are welcome. Hope you find some of this helpful. Feel free to 
> let The List know if you run into any problems.
> 
>                                  Michael
> 
> ------------------------------
>
________________________________________________________________
GET INTERNET ACCESS FROM JUNO!
Juno offers FREE or PREMIUM Internet access for less!
Join Juno today!  For your FREE software, visit:
http://dl.www.juno.com/get/web/.
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------