Kaboodle 0.99d and VNC
Scott C. Best
sbest "at" best.com
Mon Nov 8 18:14:00 2004
Heya. Yes: with no ports enabled/forwarded, two Kaboodle
users can VNC and file-transfer with each other.
As for what it implies about the firewalls...that's a
very big "it depends". Kaboodle uses the open-source echoWare.DLL
to establish a long-term TCP connection with an echoServer called
KaboodleProxy that acts as a "relay" between Kaboodle clients. So
if the firewall is smart enough to block an echoWare to echoServer
connection, then of course it won't work. But consumer-grade
firewall/routers like LinkSys and Netgear products aren't that
smart: by default, they will allow out any outbound connections.
And since the echoServer owner can run that server on any port
they want (443, for example), the connection will be passed on
most commercial-grade firewalls -- with their out of the box
configuration -- as well.
With the echoWare/echoServer approach, all of the traffic
looks like it's "outgoing", from the perspective of the firewall.
Which is, of course, the same approach that VNC's "add client" and
SSH's "reverse tunnels" have been utilizing for years.
On Mon, 8 Nov 2004, James Weatherall wrote:
>> Heyaz. I released version 0.99d of Kaboodle today.
>> As some might recall...when you use Kaboodle to connect two
>> networks together using KaboodleProxy, you can VNC and
>> file-transfer across a firewall/router without either side
>> having to do any port-forwarding adjustments. No really. :)
> Through two *completely* closed firewalls, i.e. with no ports
> enabled/forwarded? Doesn't that imply that the firewalls really aren't
> doing a very good job? ;)
> Wez @ RealVNC Ltd.