VNC through fire wall methods.

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

VNC through fire wall methods.

James Gardiner-3

Just reading the list, it is an interesting topic on methods used to bypass NAT fire walls.

VPN being a common one.

I was wondering if anyone has a small install tool that would, for example, get a VNC system to use SSH port tunneling.
Ie, VNC installed on system.  Small utility gets system to SSH connect to a outside server "via SSH" and share port 5900 onto that server at a specified port.  So an external person who wanted to connect to this VNC server that was behind a NAT firewall could simply VNC to this SSH server and port.  Making this ssh server secure, this would result in a end to end secure channel.

Does anyone know of a tool like this?

Regards,
James Gardiner
[m] +61 4 12 997011
 
digitAll pty ltd / Digital Cinema Network Australia (DCN)
Development Office
One Kings Place,
South Melbourne, VIC 3205
[p] +61 3 9686 5415
 
www.digitall.net.au  --  www.dcnaustralia.com.au -- www.cinetechgeek.com

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

Peter Blakeley
depending in your OS hamachi vpn works great 

pb...

On 8 March 2012 07:54, James Gardiner <[hidden email]> wrote:

Just reading the list, it is an interesting topic on methods used to bypass NAT fire walls.

VPN being a common one.

I was wondering if anyone has a small install tool that would, for example, get a VNC system to use SSH port tunneling.
Ie, VNC installed on system.  Small utility gets system to SSH connect to a outside server "via SSH" and share port 5900 onto that server at a specified port.  So an external person who wanted to connect to this VNC server that was behind a NAT firewall could simply VNC to this SSH server and port.  Making this ssh server secure, this would result in a end to end secure channel.

Does anyone know of a tool like this?

Regards,
James Gardiner
[m] <a href="tel:%2B61%204%2012%20997011" value="+61412997011" target="_blank">+61 4 12 997011
 
digitAll pty ltd / Digital Cinema Network Australia (DCN)
Development Office
One Kings Place,
South Melbourne, VIC 3205
[p] <a href="tel:%2B61%203%209686%205415" value="+61396865415" target="_blank">+61 3 9686 5415
 
www.digitall.net.au  --  www.dcnaustralia.com.au -- www.cinetechgeek.com

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list




--
Peter Blakeley - Attain Consultants - mobile: 0427-723-814 [ www.attainconsult.com  ]

* SECURITY: Virus-Protection, Firewalls, Auditing, Upgrades, Repairs, Troubleshooting
* NETWORK: Windows, Linux, Design, Setup, Management, Troubleshooting
   * INTERNET: Web site design, Java programming, JEE2, JSP, Servlets, RMI, EJB, XML, Workflow, Accounting, Web Services

"Why open source? because I prefer to surf the wave to the beach rather than swim all the way in."

Get Firefox! www.firefox.org  - 
Use www.OpenOffice.org




------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

Eldon Ziegler
In reply to this post by James Gardiner-3
On Linux, something like this will do it.

ssh <user>@<remote> -L 15900:localhost:5900

and then give the local viewer localhost:15900

On Windows, switch to Linux.

Best,
Eldon Ziegler
Atlantic Database Systems, Inc.
Cape Cod, MA


On Thu, 2012-03-08 at 08:54 +1100, James Gardiner wrote:

>
>
> Just reading the list, it is an interesting topic on methods used to
> bypass NAT fire walls.
>
>
> VPN being a common one.
>
>
> I was wondering if anyone has a small install tool that would, for
> example, get a VNC system to use SSH port tunneling.
> Ie, VNC installed on system.  Small utility gets system to SSH connect
> to a outside server "via SSH" and share port 5900 onto that server at
> a specified port.  So an external person who wanted to connect to this
> VNC server that was behind a NAT firewall could simply VNC to this SSH
> server and port.  Making this ssh server secure, this would result in
> a end to end secure channel.
>
>
> Does anyone know of a tool like this?
>
> Regards,
> James Gardiner
> [m] +61 4 12 997011
>  
> digitAll pty ltd / Digital Cinema Network Australia (DCN)
> Development Office
> One Kings Place,
> South Melbourne, VIC 3205
> [p] +61 3 9686 5415
>  
> www.digitall.net.au  --  www.dcnaustralia.com.au --
> www.cinetechgeek.com
> ------------------------------------------------------------------------------
> Virtualization & Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> ___________________________________________________________ TightVNC mailing list, [hidden email] To change your subscription or to UNSUBSCRIBE, please visit https://lists.sourceforge.net/lists/listinfo/vnc-tight-list



------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

James Gardiner-3

On Thu, Mar 8, 2012 at 9:55 AM, Eldon Ziegler <[hidden email]> wrote:
On Linux, something like this will do it.

ssh <user>@<remote> -L 15900:localhost:5900

and then give the local viewer localhost:15900

On Windows, switch to Linux.

I wish.  Its on our to do list but by no means is it a small project to move our technology onto a linux based distribution.
We develop changes with this in mind and live in hope.

But, yes we are stuck with windows (WES7) for now.  So Windows based solutions are the aim.

James
 

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

John Serink
In reply to this post by Peter Blakeley
On windows use freesshd, I use it all the time to administer my windows server farms from my linux box.

Note that cisco's SSHd does not support tcp tunneling, at least I've never been able to get it to work. The Digi transport series of routers' sshd however, does support tcp tunneling as will any linux based router's sshd.

In the case of cisco, I put a static nat entry into the router to forward ssh requests on some innocuous port to the freesshd service port on a windows box then configure freesshd to allow port forwarding both to external hosts and localhost. This way you can ssh to the windows box and open your tnvc tunnel through the ssh tunnel.

Note that the ssh console clinet on linux has problems connecting to freesshd whereas putty does not, I use putty.

On windows 7 and 2008 freesshd works but the little work space menubar icon-app does not. So, what you need to do is start the configuation app and IGNORE the service status in the app of the ssh and telnet servers, change any settings you want and close the app. Then from a cmd console issue:
Sc stop freesshdservice
Sc start freesshdservice

And you're sweet, the service has read the new settings from the registry when it started.

The whole thing works a treat.

Cheers,
John

 
From: Peter Blakeley [mailto:[hidden email]]
Sent: Thursday, March 08, 2012 11:38 AM
To: James Gardiner <[hidden email]>
Cc: vnc-tight-list <[hidden email]>
Subject: Re: VNC through fire wall methods.
 
depending in your OS hamachi vpn works great 

pb...

On 8 March 2012 07:54, James Gardiner <[hidden email]> wrote:

Just reading the list, it is an interesting topic on methods used to bypass NAT fire walls.

VPN being a common one.

I was wondering if anyone has a small install tool that would, for example, get a VNC system to use SSH port tunneling.
Ie, VNC installed on system.  Small utility gets system to SSH connect to a outside server "via SSH" and share port 5900 onto that server at a specified port.  So an external person who wanted to connect to this VNC server that was behind a NAT firewall could simply VNC to this SSH server and port.  Making this ssh server secure, this would result in a end to end secure channel.

Does anyone know of a tool like this?

Regards,
James Gardiner
[m] <a href="tel:%2B61%204%2012%20997011" value="+61412997011" target="_blank">+61 4 12 997011
 
digitAll pty ltd / Digital Cinema Network Australia (DCN)
Development Office
One Kings Place,
South Melbourne, VIC 3205
[p] <a href="tel:%2B61%203%209686%205415" value="+61396865415" target="_blank">+61 3 9686 5415
 
www.digitall.net.au  --  www.dcnaustralia.com.au -- www.cinetechgeek.com

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list




--
Peter Blakeley - Attain Consultants - mobile: 0427-723-814 [ www.attainconsult.com  ]

* SECURITY: Virus-Protection, Firewalls, Auditing, Upgrades, Repairs, Troubleshooting
* NETWORK: Windows, Linux, Design, Setup, Management, Troubleshooting
   * INTERNET: Web site design, Java programming, JEE2, JSP, Servlets, RMI, EJB, XML, Workflow, Accounting, Web Services

"Why open source? because I prefer to surf the wave to the beach rather than swim all the way in."

Get Firefox! www.firefox.org  - 
Use www.OpenOffice.org




------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

Rohit Patil
In reply to this post by James Gardiner-3
James, You can use cygwin or PuTTY on Windows to do what Eldon Ziegler suggested on Linux. I do it often using ssh on cygwin.

-Rohit.

On Mar 7, 2012, at 3:45 PM, James Gardiner <[hidden email]> wrote:


On Thu, Mar 8, 2012 at 9:55 AM, Eldon Ziegler <[hidden email]> wrote:
On Linux, something like this will do it.

ssh <user>@<remote> -L 15900:localhost:5900

and then give the local viewer localhost:15900

On Windows, switch to Linux.

I wish.  Its on our to do list but by no means is it a small project to move our technology onto a linux based distribution.
We develop changes with this in mind and live in hope.

But, yes we are stuck with windows (WES7) for now.  So Windows based solutions are the aim.

James
 
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

RE: VNC through fire wall methods.

Yury Averkiev

Hi James,

Our VNC Manager includes built-in support for SSH port-forwarding for VNC and RDP connections. When using it there is no need to mess with Cygwin and Putty, everything is done under the hood.

http://www.s-code.com/products/vncmanager/

 

 

Kindest regards,
Yury Averkiev

SmartCode Solutions
Tel: +1 (650) 276-0434 (USA) | Tel: +65 91125904 (Singapore)
Fax: +1 (866) 383-4944 | Web:
www.s-code.com


CONFIDENTIALITY NOTICE: This message is intended only for the named recipient and may contain confidential, proprietary or legally privileged information. Unauthorized individuals or entities are not permitted access to this information. Any dissemination, distribution, or copying of this information is strictly prohibited. If you have received this message in error, please advise the sender by reply e-mail, and delete this message and any attachments.

From: Rohit Patil [mailto:[hidden email]]
Sent: Thursday, March 08, 2012 12:22 PM
To: James Gardiner
Cc: vnc-tight-list
Subject: Re: VNC through fire wall methods.

 

James, You can use cygwin or PuTTY on Windows to do what Eldon Ziegler suggested on Linux. I do it often using ssh on cygwin.

 

-Rohit.

On Mar 7, 2012, at 3:45 PM, James Gardiner <[hidden email]> wrote:


On Thu, Mar 8, 2012 at 9:55 AM, Eldon Ziegler <[hidden email]> wrote:

On Linux, something like this will do it.

ssh <user>@<remote> -L 15900:localhost:5900

and then give the local viewer localhost:15900

On Windows, switch to Linux.

I wish.  Its on our to do list but by no means is it a small project to move our technology onto a linux based distribution.

We develop changes with this in mind and live in hope.

 

But, yes we are stuck with windows (WES7) for now.  So Windows based solutions are the aim.

 

James

 

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/

___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

James Gardiner-3
In reply to this post by Rohit Patil


Guys,
I am talking about adding some type of AUTOMATED tool to that when a system starts, to makes a SSH connection to a server which logs it into a dummy shell and sets up the tunnel.  So its always there.  All I need to VNC is have access to this ssh-server and the ports used for the tunnel and I can get past the nat-firewall.
This all needs to be automated and setup with configuration files so it just happens.
I am kind of looking for a logmein and similar capability but based on VNC and my own infrastructure.

James


On Thu, Mar 8, 2012 at 3:21 PM, Rohit Patil <[hidden email]> wrote:
James, You can use cygwin or PuTTY on Windows to do what Eldon Ziegler suggested on Linux. I do it often using ssh on cygwin.

-Rohit.


On Mar 7, 2012, at 3:45 PM, James Gardiner <[hidden email]> wrote:


On Thu, Mar 8, 2012 at 9:55 AM, Eldon Ziegler <[hidden email]> wrote:
On Linux, something like this will do it.

ssh <user>@<remote> -L 15900:localhost:5900

and then give the local viewer localhost:15900

On Windows, switch to Linux.

I wish.  Its on our to do list but by no means is it a small project to move our technology onto a linux based distribution.
We develop changes with this in mind and live in hope.

But, yes we are stuck with windows (WES7) for now.  So Windows based solutions are the aim.

James
 
------------------------------------------------------------------------------

Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

RE: VNC through fire wall methods.

Bob McConnell
In reply to this post by James Gardiner-3
> From: James Gardiner
>
> Just reading the list, it is an interesting topic on methods used to bypass NAT fire walls.
>
> VPN being a common one.
>
> I was wondering if anyone has a small install tool that would, for example, get a VNC system to
> use SSH port tunneling. Ie, VNC installed on system.  Small utility gets system to SSH connect to
> a outside server "via SSH" and share port 5900 onto that server at a specified port.  So an
> external person who wanted to connect to this VNC server that was behind a NAT firewall
> could simply VNC to this SSH server and port.  Making this ssh server secure, this would result
> in a end to end secure channel.
>
> Does anyone know of a tool like this?

OpenVPN <http://openvpn.net/> has the basic components necessary to make this work, but you will need to figure out how to configure it to match your particular setup. You also need to set up your firewall to match. Our IT department uses it to install VPN clients on laptops for remotes and travelling personnel and provides a CD to set up home access for those of us that work from home on occasion. All remotes and most home workers do have MS-Windows, but a couple of us only use Unix or Linux systems at home. I only had to make a couple of changes to their startup script to get it to work on my Slackware boxen.

Bob McConnell


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list
Reply | Threaded
Open this post in threaded view
|

Re: VNC through fire wall methods.

Kertesz Laszlo
In reply to this post by James Gardiner-3
On Thu, 8 Mar 2012 08:54:15 +1100
James Gardiner <[hidden email]> wrote:

> Just reading the list, it is an interesting topic on methods used to bypass
> NAT fire walls.
>
> VPN being a common one.
>
> I was wondering if anyone has a small install tool that would, for example,
> get a VNC system to use SSH port tunneling.
> Ie, VNC installed on system.  Small utility gets system to SSH connect to a
> outside server "via SSH" and share port 5900 onto that server at a
> specified port.  So an external person who wanted to connect to this VNC
> server that was behind a NAT firewall could simply VNC to this SSH server
> and port.  Making this ssh server secure, this would result in a end to end
> secure channel.
>
> Does anyone know of a tool like this?

stunnel - it connects 2 ports and you can tunnel any tcp connection through it via localhost.It works well in practice, i use it to tunnel vnc connections  with certificate-based authentication. The viewer part comes bundled in the ssvnc package (works manually also if you want). The server has to be set up though manually.
It is simpler than openvpn, no driver install is needed, it is well suited for remote support.


>
> Regards,
> James Gardiner
> [m] +61 4 12 997011
>
> *digitAll *pty ltd / Digital Cinema Network Australia (DCN)
> Development Office
> One Kings Place,
> South Melbourne, VIC 3205
> [p] +61 3 9686 5415
>
> www.digitall.net.au  --  www.dcnaustralia.com.au -- www.cinetechgeek.com



--
O zi buna,

Kertesz Laszlo

------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
___________________________________________________________
TightVNC mailing list, [hidden email]
To change your subscription or to UNSUBSCRIBE, please visit
https://lists.sourceforge.net/lists/listinfo/vnc-tight-list