Providing (Windows) VNC support to clients that have strict corporate firewalls

Steve Palocz spalocz "at" tgtsolutions.com
Mon, 14 Jan 2002 21:09:44 +0000


I agree totally with this opinion. I have been using vnc through ssh with a
few client for almost a year now. It is great as most corporate firewalls
have both 80 and 443 open for web browsers. As long as it is not packet
filtering, or proxied, then all works well.
All the client needs to implement is the ssh client (and some
configuration), and putty works well for this. The benefits are, the client
needs not to reconfigure the network or special access. Only one machine is
needed for the ssh tunnel. And it is encrypted through the ssh tunnel.

Steve

-----Original Message-----
From: owner-vnc-list "at" uk.research.att.com
[mailto:owner-vnc-list "at" uk.research.att.com]On Behalf Of Michael Ossmann
Sent: Monday, January 14, 2002 3:36 PM
To: vnc-list "at" uk.research.att.com
Subject: Re: Providing (Windows) VNC support to clients that have strict
corporate firewalls


On Mon, Jan 14, 2002 at 02:34:16PM -0500, Chuck Renner wrote:
>
> There needs to be a way to change ALL Ports used by VNC, not just the
ports
> it listens on.  Ports used for outgoing connections should be able to be
> changed both on the command-line, and through the GUI interface.  Since
this
> isn't built-in, I had to build a small hack instead.

Most people who are concerned with firewall traversal are also concerned
about the very insecure protocol used by VNC traveling over the
Internet.  If you tunnel VNC through SSH on port 443, it solves both
problems.

--
Mike Ossmann, Tarantella/UNIX Engineer/Instructor
Alternative Technology, Inc.  http://www.alttech.com/
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, mail majordomo "at" uk.research.att.com with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------