Success was Re: VNC Server setup on Linux

Michael Ossmann michael.ossmann "at" alttech.com
Fri, 18 Jan 2002 00:57:31 +0000


On Thu, Jan 17, 2002 at 04:06:58PM -0600, Joel Sherrill wrote:
> Michael Ossmann wrote:
> > 
> > Yeah, XDMCP runs on UDP/177, which is why it can't easily be secured
> > over SSH or tested with telnet.  You can use netcat or nmap to test for
> > it.
> 
> If you could give instructions on how to test the various ports
> to show they are alive, that would be great debugging info
> for the writeup.

Sure.

The tool I recommend for testing the availability of both TCP and UDP
ports is nmap, which is part of several Linux distributions and is also
available here:

http://www.insecure.org/nmap/

Nmap is a port scanner (or "network mapper") which is a great tool for
performing security audits as well as for one-shot tests of specific
ports.

To test for XDMCP:

  nmap -sU -p 177 hostname

which will probably tell you something like:
  The 1 scanned port on hostname (IP) is: closed
or
  Interesting ports on hostname (IP):
  Port       State       Service
  177/udp    open        xdmcp

To test for WinVNC:

  nmap -sT -p 5900 hostname

To test for VNC on multiple screens (:1, :2, :3, etc.) as well as web
access for Java VNC:

  nmap -sT -p 5800-5999 hostname

This should yield something like:
  Interesting ports on hostname (IP):
  (The 196 ports scanned but not shown below are in state: closed)
  Port       State       Service
  5801/tcp   open        vnc
  5802/tcp   open        unknown
  5901/tcp   open        vnc-1
  5902/tcp   open        vnc-2

Note that the service names reported by nmap are guesses that it makes
by looking up port numbers in a table and not based on actual protocol
analysis.  The guesses are generally pretty good for common services and
worse for less common services.  Nmap has many other features that I
won't go into, but here's a little taste:

To find all hosts on an entire subnet with any VNC services running:

  nmap -sT -p 5900-5999 192.168.0.1-254


-- 
Mike Ossmann, Tarantella/UNIX Engineer/Instructor
Alternative Technology, Inc.  http://www.alttech.com/
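
Added example, not part of the original post: since nmap's service column is only a port-table lookup, this Python sketch confirms that an open port in the 5900 range really speaks VNC by reading the 12-byte RFB ProtocolVersion greeting ("RFB xxx.yyy\n") that an RFB server sends first. The function names and the default host are assumptions made for illustration.

```python
import re
import socket
import sys

# An RFB server speaks first: exactly 12 bytes, "RFB xxx.yyy\n".
RFB_BANNER = re.compile(rb"RFB (\d{3})\.(\d{3})\n")


def display_for_port(port):
    """Map a TCP port to (kind, display): 5900+N is RFB, 5800+N is the Java viewer over HTTP."""
    if 5900 <= port <= 5999:
        return ("rfb", port - 5900)
    if 5800 <= port <= 5899:
        return ("http", port - 5800)
    return (None, None)


def probe_rfb(host, port, timeout=3.0):
    """Return (major, minor) if the port greets with an RFB banner, else None."""
    data = b""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            while len(data) < 12:
                chunk = s.recv(12 - len(data))
                if not chunk:          # peer closed before a full banner arrived
                    break
                data += chunk
    except OSError:                    # refused, unreachable, or timed out
        return None
    m = RFB_BANNER.fullmatch(data)
    return (int(m.group(1)), int(m.group(2))) if m else None


if __name__ == "__main__":
    # Hypothetical usage: python rfbcheck.py hostname 5901 5902
    host = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    ports = [int(p) for p in sys.argv[2:]] or [5900, 5901, 5902]
    for port in ports:
        kind, display = display_for_port(port)
        version = probe_rfb(host, port)
        if version:
            print("%s:%d  display :%s  RFB %d.%d" % ((host, port, display) + version))
        else:
            print("%s:%d  no RFB banner (closed, filtered, or not VNC)" % (host, port))
```

Ports in the 5800 range serve the Java viewer over HTTP and will not return an RFB banner, so the probe is only meaningful for 5900+N.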