Wiki Home

VNC


Namespace: Wiki
Point of Wiki Protocol please: flag your changes with # U # ( but without the spaces) to let people know what, on this long and likely Category Needs Refactoring topic has changed. From memory, I can't tell. Thanks! - ?tr

VNC stands for Virtual Network Computing. It is, in essence, a remote display system which allows you to remotly control the machine (keyboard/mouse, run apps...) from anywhere on the Internet and from a wide variety of machine architectures.

This is an especially good tool for talking someone through a set of steps over the phone. You can explain what you are doing while they watch the actions occur on their screen. They will either have to run a VNC server while you run the client, or you can run the server on a demo box (or your developent box, but I would not let any of my clients on my main box...) so that both of you can see what they are doing.

If you hit the server's port 5800 with a webbrowser (http://ser.ver.ip.adr:5800) the server will supply a java client that will allow the web browser to control the server. It is slower than the .EXE client, but it works.

It does not do printer redirection - use an IP based printer - (I forget what thats called)

For you firewall folks: The Server (host/WinVnc.exe) listens on port 5900 and optionally 5800 for Java. The Client (viewer/VncViewer.exe) listens to 5500 to establish a connection from a server. The Java viewer is downloaded from the server on port 5800, but it then connects to the server 5900. These are the defaults; the VNC server and viewer ports are all configurable, either in setup dialogs or by passing the port on the command line.

It's best to use VNC over SSH for better security. You can do this both using a VNC viewer and a browser. All you need to do is forward some local ports on your machine through the SSH tunnel to the ports on the machine running the VNC server.

Say you've set up the VNC server on machine Bob to use display Y (default is 0).

Now you want to access machine Bob via your local PC over SSH using the VNC viewer.

Establish you SSH connection and set up port forwarding as follows:

local port 595Y to Bob port 590Y
Then connect to VNC server localhost:5Y

If you instead want to use your browser to connect to the VNC server, you need to do the following:

Establish your SSH connection and set up port forwarding as follows:

local port 590Y to Bob port 590Y
local port 585Y to Bob port 580Y
Then go to URL http://localhost:5850 in your browser

If you are using Linux the SSH command would look something like:

ssh -1 -x -C -L 5900:Bob:5900 -L 5850:Bob:5800 "ssh server"

It's free, no pay!

VNC Scan Enterprise Console - http://www.vncscan.com - Allows you to access VNC through safe mode and deploy Ultra VNCOffsite link to http://www.ultravnc.com/ with encryption. I haven't found this feature in any other remote control application out there today. Ultra VNCOffsite link to http://www.ultravnc.com/ supports encryption without VncScan... read about it at http://doc.uvnc.com/features/encryption.html

Does the VNC server support multiple simulaneous client connections? Meaning, when I do a product demo, can I have many remote systems connected and viewing my host?
Depends on the OS. You can "share" the same screen for demos with TightVNC, not sure about RealVNC.

Ultra VncOffsite link to http://www.ultravnc.com/ - yes (not by default, but there is an option to allow it). Keep in mind that each outgoing connection will require the same amount of band width, and maybe even the same abount of CPU. When I had 5 clients connected to 1 server over a 200K cable modem connectin, things got really sluggish.
Variations on VNC: (newest/best on the top)
http://www.uvnc.com/ - [email protected] 'best' yet
http://www.realvnc.com
http://www.tightvnc.com
http://perso.wanadoo.fr/samfd/esvnc/ - even better yet
http://www.btinternet.com/~harakan/PalmVNC/ - A VNC Viewer for the Palm OS! Don't laugh it works. - ?jMM
http://www.sics.se/~adam/contiki/ctk-vnc.html - VNC Server for Contiki on C64 AppleII and some other really small/old computers
http://www.uk.research.att.com/vnc original VNC

http://www.sodan.org/~penny/vncrec/ - a VNC based Screen Recorders.
VNCScan Enterprise ConsoleOffsite link to http://www.vncscan.com
-- Commercial Administration Tool for VNC computers.
Be aware that VNC in Windows passes unencrypted streams. A scanning hacker can figure your login details and thereby obtain an immediate method to control the target machine. You can try to implement SSH but I can't make that work properly in Windows. -- John Ryan
Better yet, pipe it through Putty or ZeeBeeDee - Chameleon
There's a good howto on securing VNC using stunnel at http://www.securityfocus.com/infocus/1677 -- Stuart Dunkeld

Ultra VNCOffsite link to http://www.ultravnc.com/ * http://www.uvnc.com * has an encryption plug-in that is easily deployed. See the VNC Scan blurb above for info on that. It's RC4 encryption.
Ultra VNCOffsite link to http://www.ultravnc.com/ supports encryption without VncScan... read about it at http://doc.uvnc.com/features/encryption.html
Another advantage over proprietary remote control solutions is the cross-platform features. (I am typing this on a W2K machine running VNCViewer onto a VNCServer running Mozilla on RedHat 8.0). Within the LAN, this can be a convenient and inexpensive remote control solution for Win95 print servers, Linux file or data servers from Windows, Linux or OS X workstations. -- Ted Roche
VNC differs from the built-in remote desktop and remote assistance of XP. It's possible to get access to the console with VNC, so you can do any remote managmeent/administration task. So our network admins still prefer to use VNC for remote server control.
-- Paul Maskens
On the other hand: VNC soooooo slooooowww. If you are used to remote desktop (XP), or RAdmin i would not recommend it (Both have GDI-hooks). When using 1280x1024x32 these still work very fast.
With Remote Desktop you can log remotely in without exposing your computer logged in. But VNC is free ;-) RAdmin price $35, far cheaper (and faster) than the big companies. On the other hand: there are more free remote control programs which do their job, so afaiks the only advantage is cross-platform control.
-- Hugo Logmans
A way to deal with firewalls on both ends.
Here is a common setup:
Box-A is the box you the expert sit in front of.
Box-B is the box your client sits in front of. Client wants support, so you want to control their box.
The firewall/router/NAT/gateway whatever at your end is Gateway-A, the one the clients site is Gateway-B
IPa1 is the public IP of Gatway-A. IPa2 is the private IP of Box-A.

On Gateway-A forward port 5500 to Box-A.
On Box-A run "C:\Program Files\UltraVnc\vncviewer.exe" -listen

Gateway-B is left alone. (assuming Box-B can send packets to any port of any public IP, which is a safe assumption.)

Client runs winvnc on Box-B. This can be done as a service or when needed. Whatever it takes to get the VNC icon in the tray.

When client needs support, you have them right click the VNC icon in the tray, select "Add New Client", enter IPa1 (numbers or name if you have one) and hit OK.

A Viewer window will open on your side, and within about 5 seconds you should have control over their box. Notice noone needed a password. That is both a good thing and a bad thing.

Carl Karsten
Ulta Vnc now has a VncRepeater

3 users that run server on their 3 machines, then leave for lunch. All 3 have private IP's, and you can only ask the tech to forward ports once a month. So you have him forward 5900 to one of the boxes, run the repeater on that box, and now you can connect to any other box on that LAN. If more boxes are added, you can get to them too without having to bother the tech that tweeks the gateway.

(very rough explanation, please add details)

Carl Karsten

Additional note: VNCScan (a $40 commercial product at http://www.vncscan.com) has built in support for this repeater, too.
No matter how I tried both RealVNC and Ultra VNCOffsite link to http://www.ultravnc.com/ work lousy under WinXP Pro in LAN. I have two computers: WinXP Home runs VNC server accessed by WinXP Pro through wireless connection. Every 10-15 seconds the viewer gets frozen for 3-5 seconds, quite annoying. I have stopped Terminal Services and Fast User Switch on both computers, as some VNC FAQs suggest, did not make a difference. Any ideas?

May 25, 2004: I withdraw all my previous suggestions said not in favour of VNC. One of the most useful and time-saving tools I've ever known.
-- Anatoliy Mogylevets

It might be a good idea to turn off the "auto" bandwidth feature. The auto bandwidth feature can switch back and forth between encodings and cause the freezes. Ultra seems better at that than the others. - DSW

I use WinXPPro and a wireless (802.11b) connection to VNC over SSH to Linux and OS X boxes without a problem. It may be a hosting issue on the WinXPHome box - I have no experience with that half-OS. If possible, test with a wired connection to determine if it might be a bandwidth issue. Can you test in reverse direction to see if swapping client and server make a difference? Lower bitmap depth and size to minimum. Check for running processes on WinXPh box - could be indexing services or anti-virus clogging CPU? -- ?tr

Remember to turn OFF video acceleration on Windows VNC servers during remote sessions, especially in headless installations. This will increase VNC's responsiveness considerably, and is even recommended by Ultra VNCOffsite link to http://www.ultravnc.com/.

In 802.11xxx you may have to change base "channels" (1-4). Watch out for interferers like X-10 video cameras and other continuous transmitters and other WAPs in the neighborhood.
- lexein

See also: Terminal Services in RemoteAdministration
Contributors: John Martin Carl Karsten
Category Thin Client Category Third Party Tools
( Topic last updated: 2015.03.07 04:45:23 PM )