Sergey's Web Site - Thread: VNC

Язык сайта:

Username:		*
Password:		*

Remember me

Thread: FoxPro Some General Questions/VNC

Post Reply

27 October 2005

10:33:00

Sergey

Posts: 0

VNC

www.realvnc.com/faq.html#ctrl-alt-del
Ctrl-Alt-Del isn't getting through to the other computer
If you're running the VNC viewer under Windows, then the Ctrl-Alt-Del keypress may be intercepted by the operating system, and so the viewer program won't be able to detect it and pass it to a VNC Server. Go to the viewer's system menu, which you can access by pressing the "f8" key, left-clicking on the VNC icon at the top left of the viewer window, or right-clicking on the viewer entry in the taskbar. In this menu, you will find a "Send Ctrl-Alt-Del" option. Alternatively, You might find that Shift-Ctrl-Alt-Del works. AltGr-Del often works as well.

Under Unix, some window managers also intercept the Ctrl-Alt-Del keypress. The Unix VNC viewer also has a "Send Ctrl-Alt-Del" function which is accessible via the popup menu which you can pull down by pressing the "f8" key in the viewer window.

If you're running the VNC server as an application under Windows NT/2000/XP then it can only provide remote access to the display if a user is logged in and the workstation is not locked. In order to allow the Ctrl-Alt-Del keypress to work and be accessed even if no user is logged in or it is locked, you must run the VNC server as a system service.

If you're running the VNC server under Windows 95/98/ME then sending a remote Ctrl-Alt-Del function will not work at all. On these platforms, Ctrl-Alt-Del causes all programs, including the VNC server, to halt and bring up a task manager window.

How do I use VNC through my NAT router? (AKA Why do I get Connection timed out/Connection refused errors?)
Short answer: configure your router to forward port 5900 to the computer running VNC.
Long answer: we have a walkthrough for this common question.

How do I use VNC through my firewall?
Many organisations operate firewalls to reduce the risk of intrusion by malicious attackers via the Internet. These firewalls typically operate by only allowing connections in to machines in that organisation on specific ports. Which ports are permitted access depends upon the network protocol that uses the port and the degree of security it provides.

There are two main methods for making VNC servers accessible through firewalls:

Opening Ports - If you are using a secure version of VNC, such as VNC Enterprise Edition, you can simply configure your firewall to permit traffic on the port(s) used by the server. If your VNC server is configured to accept connections on VNC Display Number N (equivalent to Port Number 5900+N), then port 5900+N must be configured to be allowed through the firewall. To allow the Java VNC Viewer to be served through the firewall, port 5800+ must also be allowed through, or you must configure your VNC server to use the same port for both the VNC and Java Viewer connections, if possible. See also the section on using VNC through a NAT router.
Secure Tunnelling - Most organisations that operate firewalls allow connections to a number of standard ports, that are in principle used only by secure or harmless protocols. The Secure Shell (SSH) protocol, for example, acts as a wrapper around other protocols, allowing them to be used securely over the Internet, and is a protocol which most firewalls allow access through. A Secure Shell client is run on the VNC Viewer computer and is made to forward connections to a particular port on that machine to a port on the VNC Server machine. The forwarded connection is encrypted by the SSH software, which can provide both encryption and authentication.
Is VNC secure?
The only completely secure computer is one without a network. If a computer does have a network connection, then it is only as secure as its weakest point, whether this be the level of network encryption supported, the quality of users' passwords, or the internal security of the server computer.

VNC Enterprise and Personal Editions include support for strong encryption and authentication of VNC connections. VNC Enterprise Edition additionally supports native authentication against system user accounts. Both versions are specifically designed to be used across untrusted networks such as the Internet.

VNC Free Edition and older VNC 3 based systems support a simple challenge-response protocol used to verify a password of up to eight characters, supplied by the connecting user. While this avoids exposing the password to attackers as would be the case with pure plaintext protocols such as telnet, the rest of the session is unencrypted and so anything typed into the viewer passes "in the clear" to the server. VNC Free Edition is therefore suitable for use within a local network or secure VPN, but not for general use over untrusted networks, such as the Internet.

All versions of VNC since VNC 4.0 store sensitive information such as passwords with appropriate security permissions to avoid them being accessible to unauthorised users.

Is there a version for Mac OS X?
We don't yet provide versions of VNC for Mac OS X. There are several ports of VNC to Mac OS X, however, accessible via the resources page.

My virus checker says that VNC is a virus/adware/spamware. Is this true???
No. The VNC binaries we distribute are virus-checked before release, and are also signed on platforms that support signed binaries. VNC does not include nor install adware nor spyware of any kind.

The most likely cause of VNC being detected as a virus, adware or spyware is that your computer has become infected with a virus that attaches itself to existing files. Once you have used your virus checker to clean up your machine, you should be able to download and re-install VNC without further problems.

Some virus checkers do, however, wrongly report that VNC is a virus. In most cases this is caused by "heuristic" virus detection methods, while in others the virus checker's database is simply wrong!

Some virus checkers detect VNC correctly and classify it as a "Remote Access Tool" or similar, but present the information in such a way as to suggest that it is viral. This is not the case. If you were already aware of the presence of VNC on your system, you can usually ignore recommendations to remove it.

If in doubt, we recommend contacting your virus checker software vendor to verify that their software is not reporting a "false positive", and for advice on how to remove genuine viruses from your system.

What does 'Connection closed unexpectedly' mean?
When VNC Viewer shows this as an error message, it means that VNC Server closed the network connection at a time when the viewer was not expecting it to. This can happen, for example, when the viewer connects to the server and the server can't handle the connection for some reason.

Possible reasons for VNC Viewer showing this error message include:

A firewall blocking the connection by explicitly closing it.
VNC Server's security is not properly configured.
Ensure that you have selected an authentication method, set a password if required, and generated secure keys for the server if required.
VNC Server is crashing for some reason.
If this is the case, then the VNC Server Service will no longer be "running" on the server machine.
Under Windows NT based platforms, including Windows XP, you can find out why VNC Server closed the connection by looking at the server's Application Event Log using the Event Viewer administrative tool. VNC Server will log information under the tag "WinVNC4" when running as a service. Log entries starting "Connections: closed" will include a brief description of the reason for the connection closing. If you don't see any such messages at all then VNC Server is not even receiving the connections - this can happen if a firewall is blocking them, or if you are connecting to the wrong computer.

On Unix platforms, VNC Server will normally log information to a ".log" file in the user's ".vnc" directory. As under Windows, log entries starting "Connections: closed" will include a brief description of the reason for the connection closing.

Why can I access my VNC Server even though I'm entering the wrong password?
The short answer is: You can't! However, when the classic VNC Authentication scheme is used to authentication the user, only the first eight characters of the user's password are checked. This means that the passwords "01234567hello" and "01234567world", for example, would be regarded by VNC Server as identical.

This is a limitation only when using VNC Free Edition or older VNC software. If both the Viewer and Server support encryption then the full password will be checked, even if encryption is not actually enabled.

Why can't I access my VNC Server even though I'm entering the right password?
There are a couple of possible causes of problems authenticating yourself to the VNC Server. The most basic of these is that you have not configured a VNC Authentication password - VNC Server won't let you connect without supplying a password unless the server is explicitly configured to use No Authentication.

If you have previously used VNC Free Edition, and have upgraded to a secure version, you may find that VNC Server rejects your password if it is longer than eight characters. You should find that you can connect successfully if you only enter the first eight characters of your password when prompted for it by VNC Viewer. You can enable your full length password by re-setting it, using the appropriate configuration tool for your platform.

Under Windows, VNC Server can only map keyboard input to the correct characters if all programs are using the same keyboard layout as the operating system. This can cause authentication problems if affected characters appear in the server's password.

Why can't my VNC viewer connect to my VNC server?
VNC requires TCP/IP network connectivity between the viewer and server computers. A simple test is to use the ping utility. If you can't ping from your viewer to your server, and vice-versa, than VNC will not work!

Why do I just get a grey desktop in my Unix VNC Server?
You should run the vncserver script to start a VNC server, rather than the Xvnc program directly. vncserver runs Xvnc with appropriate options and starts some X applications to be displayed in the VNC desktop. The applications it tries to start are specified in $HOME/.vnc/xstartup, which can be tailored to your requirements. The default setup is to run the 'twm' window manager and a single 'xterm' window. If these applications fail to run, then you will see a grey 'rootweave' desktop. The most likely reason applications fail to run is that they are not in your path. Any error messages from this startup should appear in $HOME/.vnc/host:display#.log. For further information see the vncserver manual page.

Why does VNC Viewer blue-screen my Windows PC when I use the scaling feature?
Some graphics card drivers include a bug in the scaling feature that causes them to crash the machine if certain ratios are used. This is mostly the case with older drivers and with older graphics cards.

Quote Post

Post Reply