Date: Tue, 23 Apr 2002 21:25:21 -0400 (EDT) From: John Mills <jmmills@telocity.com> To: Steven Lake <raiden@shell.core.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Next question on VNC Message-ID: <Pine.LNX.4.21.0204232108310.8770-100000@otter.mills-atl.com> In-Reply-To: <Pine.GSO.4.44L0.0204211640480.10162-100000@shell.core.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Steven - DISCLAIMER - I'm guessing part of this. You should confirm it for yourself. On Sun, 21 Apr 2002, Steven Lake wrote: > Ok, one more question about VNC. (the last hopefully) How do you > change the default port that it listens on? I've got a fbsd box and a > windows box (two separate admins) both logging into the same win98se box. As user on an X-Window system, you start a local instance of the VNC X-server on the Unix box, against a particular value of DISPLAY [':x', where X seems to range from 0 (usually the console) to 99 (the largest value I could force into my Linux test mule)]. You also assign a password against whichever $DISPLAY you may start. You can start more than one server and connect to them separately, by $DISPLAY, but I think they all share one display password. You then logout from the X-host (or not), and can connect from a remote Unix, MsWin, or Mac workstation - two whatever servers have been left running on the X-host. MsWinNT and -2K can't support more that one graphic display, so you connect with the local display which must be running, and you share it with anyone sitting at the console (like 'PC Anywhere'). Given that limit, I don't see how multiple servers could be left in place on a MsWin host (but I haven't tried it), so it sounds as though any users coming in to the MsWin box would have to cooperate (or compete) for resources, as they would all share the same screen. I have no idea whether Win98 can export a display, but VNC docs would say. > For security we'd like to change the default port it listens on if > possible. :) You may be able to change the port, but port scanners don't care what the 'conventional' use of a given port is. > Win9x sucks for security so we're trying to come up with ways to > better protect this box. These are just a few ideas. You can tunnel VNC through SSH, which would be a good idea if you come across an open network. Again, coming _into_ a Win98 box sounds a bit problematic. if you are going between Unix hosts, 'ssh -X' is a better way to fly, because the window manager runs locally and you don't put all that type of traffic across the net. Hope that much of that is factual, and that it helps a bit. &8-) - John Mills To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0204232108310.8770-100000>