Slashdot Mirror
VNC, No Longer Orphaned
geogeek6_7 writes "Icronic informs us of a couple new developments to everyone's favorite piece of remote-managment software, VNC. You may remember that the UK Lab responsible for the creation and maintainence of VNC closed. A company called RealVNC has been formed, sporting the original coders from the AT&T lab, and aiming to 'act as the focal point for open source VNC.' Secondly, the new company has released version 3.3.4 of VNC for Windows and Linux. Greater security and a new, speed-enhancing auto-encoding feature are included among many others in the new version."
Seems like they could make a decent living by selling an enhanced, secured version and then have the "last version" free as in beer & speech to help spread the product. Similar to how Aladdin has done with Ghostscript.
I love vnc, with a passion. I also love Tightvnc, and all its varients. VNC is the one thing that makes me feel safe when I leave my computer because I know it's a broadband connection away.
Even at work!
I'm a big retard who forgot to log out of Slashdot on Mike's computer! LOOK AT ME.
I wonder how long VNC will be in general interest once people begin attempting to emulate RDC (remote desktop connection(s)) both from a server and client perspective in X and pre-win XP OSes.
Seeing as how it now comes with Win XP Pro the general consensus will be that RDC is the new "standard" to be emulated by everyone else.
For comparison, also check out TightVNC. TightVNC makes a remote graphical desktop quite usable over DSL speeds.
It sounds like the main VNC branch has now added a tight-like encoding (ZRLE) which may obviate the need for TightVNC, but TightVNC has some additional niceties like automatic tunneling over SSH.
We were looking to do demos for our software (web based) and wanted to be able to do something like webex (I'd link but their website is down! guess I'm glad I didn't pick them!).
For 1 demo using their system to 15 clients it was going to run between $800-$1200 for 1 to 1.5 hours. I told my boss we could test a solution for free on my box (dual boot Linux/win2000) and if it worked it would be $1200 one time. I demoed to our higher ups and we have a salesman that is using it 2-3 times a day and since our corporate office has conference phone systems already they are free (already a paid service, so why pay twice?).
In the end we spend $800 on the hardware $320 on VMWare $0 on VNC/xfrbserver (spelling?) to export to multiple hosts, and we have an MSDN subscription so I run Win98 in VMWare so the person demoing feels at home (even though it would have worked in Linux w/Netscape the sales people and clients are more comfortable in Windows).
At first they found it a little confusing. But now it's all the rave and I just bring it up remotely (or from the office) and keep an eye on it to make sure they dont accidentally close the exporting server (xf0bserver?), you'd be surprised how many times they kill their own demo!!!! lol...
Anyway since it was so successful I'm implementing a solution to automate offsite backups using sftp/ssh and encrypting our backups daily.
I hope for their sake they never make the mistake of firing me b/c noone else could even tell you what ls does!!! lol.... ensuring job security by doing a good job, saving money, and implementing solutions they dont understand.
When you run Remote Desktop Connection the user is locked out of their screen, you can only export to one computer, and it's security is not what I would call "trustworthy".
VNC kicks the hell out of RDC in WinXP (and I use both at work).
I'd have to agree that VNC isn't exactly good on dialup connections or even ISDN.
However, this is what tightvnc is for. Regular VNC works very well in a LAN though, and works quite well from every broadband connection I've used.
Now I have newer version of the remote app that our firewall administrator won't let through.
AskSlashdot (always a good idea at 12:30am):
Is VNC secure enough to run on a couple of high-traffic, high-exposure web servers? Man, would I ever catch hell if I talked the firewall admin into setting the VNC port open, then we get hacked through it. My company tends to trust commercial solutions like the really flakey Altiris CarbonCopy (formerly Compaq CarbonCopy). Any experience with security bugs?
The global economy is a great thing until you feel it locally.
But this VNC solution is really solid in a mixed Windows, Novell, and MAC OS X enviornment.
There's a version of VNC for Mac OS 9 as well.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
"The lesson to be learned is not to take the comments on slashdot too literally." --Vinnie Falco, BearShare
I've tried out VNC before, but I thought it was slower than Windows Terminal Services client/RDP. Now that I've been using Linux I like using X11 over SSH while I'm at work/school. Has the new version made VNC faster? I have one last Windows box that would be nice to administer remotely.
(The fastest, to me, was RDP)
Vote for global prefs bug
some tips: generally you are better off NOT enabling ssh compression as VNC's compression works better. Supposedly tightVNC is the best for narrow pipes. But on fat pipes in actually is better not to compress. if you are worried about security do two things. first always turn off the http port (on by default at 580x). Second, for extra security only allow connections to/from loopback 127.0.0.1. Then use ssh to send it where you want. Finally, note that VNC itself is not encoded so the ONLY protection you are getting is the SSH encoding. If you dont tunnel all the way you are exposed. However since it is graphics info and not plain ascii, it takes a clever hacker to actually decode what you are sending in the clear.
Some drink at the fountain of knowledge. Others just gargle.
I use the client and server on win2k boxes, and the new version is noticeably faster. I definitely recommend an upgrade for anyone using the older version on windows.
It is quite possible from a windows box, I use WinXP quite often and half of my work is done through a secure connection to my Linux boxes.
Putty is a great windows ssh client that is free to boot. It supports compression and port forwarding ( relaying too).
When configuring a new connection under putty, check the 'Connection->SSH-Tunnels' panel and check X11 forwarding, and add a local forwarding of say 5903 and destination as something like networkbox:5903. Then click Add and it will display like 'L5903 networkbox:5903'. Rember to save the session with a name and you will be set.
Rember though that the ip or system name will be relative to the box you have the ssh connection into. Packets will arive at the end of the tunnel and then be routed to the destination machine and port specified. In the above example, once connected to the remote machine, you will then be able to fire up vncviewer and connect to localhost:3 and have your connection attempt forwarded through the tunnel and on to the destination machine. Of course you will need to have vnc running as session 3 for this example to work without modification. Good luck.
Kindness is the language which the deaf can hear and the blind can see. - Mark Twain
I have been using VNC long before I started using linux. As soon as I started the Linux environment, I used VNC for remote access.
Question: Is there a way to use VNC (or other) to access the main X session (I guess tty0 in rh 7.3) and share it similar to how it is shared in windows?
While I speak of remote access, maybe someone can tell me why when I am @ an ssh shell, my path etc is never set.
Everyone has mentioned tightvnc, so I dont think thats needed but I will say that I found it really interesting when Farmers Insurance rolled out all the Dells to agents across the country, VNC was installed and running on every box.
The ultimate network admin tool needs HELP!
If you use VNC, they are accepting donations at http://www.realvnc.com/contribute.html.
I had a similar experience with VNC. It was more a matter of showing that OSS software was somehow 'worthy' though. First on the scene at work was VNC when I mentioned it to our former net admin and he started using it. Then I wrote a webapp using OSS tools (and made sure my manager, the net admin, God and everyone else knew it), and it was a highly visible and smooth rollout. Finally, all the recent MS security issues finally made our net admin cave and he decided last week to replace our MS proxy, with IIS next on the block. Now it cascades from there, since the app I wrote is on a server by itself and is going to be switched to Linux as well. And I'm also finally in a position to use Linux as my desktop OS.
To the VNC devs who helped kick it all off for me, thank you!
"Gold still represents the ultimate form of payment in the world." - Alan Greenspan, 1999
VNC is a dangerous toy without security, whether that be via SSH or tunnelling plus a firewall.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
RDC/RDP isn't a standard: as usual, Microsoft took a bunch of ITU standards and hacked them up to make them incompatible with everything else.
Nor is there much to emulate. Microsoft's RDP isn't even in the same league with X11 in terms of functionality or performance over LANs. For dial-up connections, there are also good X11 protocol compression solutions. VNC outperforms RDP greatly in another area: it's a very simple, well-documented, open protocol that is easy to implement and works pretty much everywhere. There are VNC servers for 8bit machines, even. Furthermore, X11 and VNC clients and servers are available for Windows, Macintosh, and UNIX, so you can already talk from any platform to any other platform with the open protocols.
People will be able to interoperate with Microsoft RDP via projects like RDesktop--as long as Microsoft lets them and on those odd days when they ship it (Windows XP Home doesn't come with it). Building anything else on top of RDP is like building on quicksand since the world can shift from under you whenever Ballmer feels like it. If Microsoft wanted you to use RDP for anything else, they would have picked an open standard.
VNC is already split into the original distribution from ORL (now RealVNC, TightVNC from Constantin & friends, eSVNC, which added security and file transfers (though win only) and a bunch of Pocket PC, Palm, MacOS, OS X etc. forks.
VNC is such a wonderful und useful program and I sometimes dream of how much better, securer and faster it could be.
Plaese combine your efforts. The world will thank you.
bye egghat.
-- "As a human being I claim the right to be widely inconsistent", John Peel
There are a couple of things that you should be aware of before putting VNC on Windows 2000 servers. The first is the well-known problems with security, including the "encrypted" hash stored in the registry and the brute force vulnerability.
More importantly, though, for those of you thinking of running VNC on heavily-used Windows servers is that the CPU run queue tends to increase by 8 or so when VNC is in full screen polling mode. If you want to run perfmon over a remote connection, the two free RDP connections on W2K Server are a much better choice.
This may be odd to you, but my fortune 500 company would much rather pay for software that comes with a service contract than use free software.
As an example, we don't have a mailing list type technology installed. We began to investigate L-Soft
(Who by the way don't want you to say "listserv" unless you're referring to their brand of mailing list technology - I'm sure that kleenex and xerox felt the same way. But I digress...)
We decided not to implement anything because we couldn't afford to pay for the software licenses. Never mind that we need that technology, and that the ROI for building it is huge....
I proposed that we use free software to solve that problem. The answer was no.
The company position was:
a) we want someone to help us if it breaks,
b) we want someone to sue if it breaks something really important, and
c) if the software is free, how can we recover our costs? Our internal customers will know that we paid nothing, and won't want to reimburse us for the engineering costs.
None of these reasons may make sense to you, but they are a cultural perspective that makes perfect sense to folks who run billion-dollar companies.
There are LOTS of companies that will be glad to pay for support of a free product. Just ask Eric Allman! http://www.sendmail.org/~eric/
But Herr Heisenberg, how does the electron know when I'm looking?