Re: WinVNC

From: *Vanguard* (no-email_at_post-reply-in-newsgroup.invalid)
Date: 04/30/04

Date: Thu, 29 Apr 2004 23:47:27 -0500

"Leythos" said in
> In article <>,
> no-email@post-reply-in- newsgroup.invalid says...
>> "Leythos" said in
>>> In article <>,
>>> no-email@post-reply-in- newsgroup.invalid says...
>>>> "Leythos" ( said in
>>>>> In article <>,
>>>>> no-email@post-reply-in- newsgroup.invalid says...
>>>>>> But the OP said the potential customers CAN browse web pages. If
>>>>>> they are still using the default port 80 to do so, why wouldn't
>>>>>> the VNC client which was also using port 80 be able to get
>>>>>> through?
>>>>> Most hospitals have an IT policy the prohibits people from
>>>>> installing or running applications which were not installed or
>>>>> authorized by the IT department.
>>>>> Every hospital I've done IT work for would fire/reprimand someone
>>>>> for installing VNC.
>>>>> --
>>>> But the user is NOT *installing* it if it runs from a floppy. It
>>>> runs from the floppy. It doesn't install any files onto their
>>>> computer. So the hospitals policy would also have to include
>>>> RUNNING any programs that are not on their okay list.
>>> In a strict sense, if you didn't find it on the computer then you
>>> installed it in order to use it - inserting a floppy that contains a
>>> executable that was not provided by the IT department, in order to
>>> view content through a hole in the firewall (port 80) for something
>>> other than web sites might well get the person(s) in hot water.
>>> --
>> Since the VNC client is a client (and not a server), I can't see this
>> being more a security breach than letting them also use a browser.
>> In fact, the VNC viewer looks to be more secure than any browser.
>> From what I've seen of VNC, it is on the VNC server host where the
>> security issues must be addressed, not on the client side (i.e.,
>> Mike needs to protect his hosts running VNC server rather than his
>> hospital clients running VNC clients worrying about what Mike can do
>> to them). But if there is any doubt and you're in a draconian
>> company, especially one recently burned by hackers, viruses, or
>> malcontents (external and internal), then it is best to ask. It is
>> possible, for example, that Mike isn't the nice guy he pretends to
>> be and the VNC viewer program he provides has been modified to do
>> "other tasks" on his customer's computers, so Mike should really
>> tell his customers to go get the VNC viewer themselves from a known
>> and respected web site.
> Looks like we're on the same page here.
> --

Yeah. I like the phrase "we're in vehement agreement". Sneakernet is
one way viruses manage to circumvent a protected network as are hosts
with modems making dial-up connections. I remember our test lab having
its own router, anti-virus, and firewall appliances to protect us from
our own fellow employees on our corporate network. Not even IT folks
got into our computer room without one of us monitoring their activity,
and it was rare they ever needed or even wanted to go in there.

*** Post replies to newsgroup.  Share with others.
*** Email: domain = ".com" and append "=news=" to Subject.

Relevant Pages

  • Re: a good PC?
    ... you are correct - the X server runs on the ... This requires far less of the client (and can thus easily ... VNC uses far more network bandwidth as it transmitts ...
  • Re: Telecommuting
    ... > going to the Brisque console. ... > proof the pages to the plotter at work and send the client a raster PDF ... What VNC does is make a remote keyboard/monitor/mouse over IP. ... So you put a VNC server on your work PC. ...
  • Re: RealVNC
    ... I use VNC behind server ... Default listening port for RealVNC server that runs on the machine on ... Then there is default Java listening port on port 5800 on the client ... VNC pops "Trying to connect to remote assistant" ...
  • Re: OS X to Win XP RDC
    ... What VNC server and client are you using? ... I asked what version Mac OS you are running because classic Mac OS versions of VNC were typically slower and more problematic than Mac OS X versions of VNC are today, especially the server. ... I asked what version VNC server and client you used, because certain versions are better than others. ...
  • Re: VNC multiplexer
    ... >> I've got a client that would like to be able to connect to VNC servers ... Said servers are assigned dynamic IPs via ... > this ip address to server x or printer y put it bluntly... ...