Sign in with
Sign up | Sign in
Your question

TightVNC through a Company firewall?

Last response: in Networking
Share
Anonymous
a b 8 Security
June 15, 2004 11:39:53 AM

Archived from groups: comp.security.firewalls (More info?)

How would one tell some techie at a small business how to open up te
ports, which ports, and any other settings/rules that need to be
changed to allow remote support?

Can a rule be put in to just allow my static IP through so they still
have some security?


Also which IP address woulc I use-the machines or the firewall? I
assume the machines but then that will have NAT translation perhaps?

Thanks in advance
Joe
Anonymous
a b 8 Security
June 15, 2004 7:27:33 PM

Archived from groups: comp.security.firewalls (More info?)

In article <33cea2e8.0406150639.76aaa9cb@posting.google.com>,
tryitoz@hotmail.com says...
> How would one tell some techie at a small business how to open up te
> ports, which ports, and any other settings/rules that need to be
> changed to allow remote support?
>
> Can a rule be put in to just allow my static IP through so they still
> have some security?
>
>
> Also which IP address woulc I use-the machines or the firewall? I
> assume the machines but then that will have NAT translation perhaps?
>
> Thanks in advance
> Joe

Joe, remote support, if setup properly, is done through a VPN tunnel,
not through open ports and using remote control software. Ask them to
give you VPN access so that you can support the network.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
Anonymous
a b 8 Security
June 16, 2004 7:21:03 PM

Archived from groups: comp.security.firewalls (More info?)

On 15 Jun 2004 07:39:53 -0700, tryitoz@hotmail.com (Joe Donaldson)
wrote:

>How would one tell some techie at a small business how to open up te
>ports, which ports, and any other settings/rules that need to be
>changed to allow remote support?
>
>Can a rule be put in to just allow my static IP through so they still
>have some security?
>
>
>Also which IP address woulc I use-the machines or the firewall? I
>assume the machines but then that will have NAT translation perhaps?
>
>Thanks in advance
>Joe

man ssh port-forwarding. This is trivial to set up for free w/ putty

Tom
Related resources
Anonymous
a b 8 Security
June 16, 2004 8:15:18 PM

Archived from groups: comp.security.firewalls (More info?)

Taking a moment's reflection, Joe Donaldson mused:
|
| How would one tell some techie at a small business how to open up te
| ports, which ports, and any other settings/rules that need to be
| changed to allow remote support?

VNC used TCP/UDP port 5900 by default for a server.
Anonymous
a b 8 Security
June 16, 2004 9:55:04 PM

Archived from groups: comp.security.firewalls (More info?)

"mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
news:qm_zc.63371$Sw.3387@attbi_s51...
> Taking a moment's reflection, Joe Donaldson mused:
> |
> | How would one tell some techie at a small business how to open up te
> | ports, which ports, and any other settings/rules that need to be
> | changed to allow remote support?
>
> VNC used TCP/UDP port 5900 by default for a server.
>
>

client:0 -> port 5900 (for VNC viewer)
client:1 -> port 5901 (for VNC viewer)
.......
and
client:0 -> port 5800 (for java web interface)
client:1 -> port 5801 (for java web interface)
......

Enjoy,
Mangled&Munged
Anonymous
a b 8 Security
June 18, 2004 12:27:19 PM

Archived from groups: comp.security.firewalls (More info?)

Can someone put this in more simpler terms for me being a newbie when
it comes to firewalls and routers and such? What exactly needs to be
done and then what I address would I use for a business that has a
NAT?
Sorry I could not follow the previous posts. Just something new for
me. I appreciate it.

Thanks Joe

"Mangled&Munged" <postmaster@127.0.0.1> wrote in message news:<YP%zc.27164$H65.11492@nwrddc02.gnilink.net>...
> "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
> news:qm_zc.63371$Sw.3387@attbi_s51...
> > Taking a moment's reflection, Joe Donaldson mused:
> > |
> > | How would one tell some techie at a small business how to open up te
> > | ports, which ports, and any other settings/rules that need to be
> > | changed to allow remote support?
> >
> > VNC used TCP/UDP port 5900 by default for a server.
> >
> >
>
> client:0 -> port 5900 (for VNC viewer)
> client:1 -> port 5901 (for VNC viewer)
> .......
> and
> client:0 -> port 5800 (for java web interface)
> client:1 -> port 5801 (for java web interface)
> ......
>
> Enjoy,
> Mangled&Munged
Anonymous
a b 8 Security
June 18, 2004 8:33:51 PM

Archived from groups: comp.security.firewalls (More info?)

In article <33cea2e8.0406180727.126329d9@posting.google.com>,
tryitoz@hotmail.com says...
> Can someone put this in more simpler terms for me being a newbie when
> it comes to firewalls and routers and such? What exactly needs to be
> done and then what I address would I use for a business that has a
> NAT?
> Sorry I could not follow the previous posts. Just something new for
> me. I appreciate it.
>
> Thanks Joe
>
> "Mangled&Munged" <postmaster@127.0.0.1> wrote in message news:<YP%zc.27164$H65.11492@nwrddc02.gnilink.net>...
> > "mhicaoidh" <®êmõvé_mhic_aoidh@hotÑîXmailSPäM.com> wrote in message
> > news:qm_zc.63371$Sw.3387@attbi_s51...
> > > Taking a moment's reflection, Joe Donaldson mused:
> > > |
> > > | How would one tell some techie at a small business how to open up te
> > > | ports, which ports, and any other settings/rules that need to be
> > > | changed to allow remote support?
> > >
> > > VNC used TCP/UDP port 5900 by default for a server.
> > >
> > >
> >
> > client:0 -> port 5900 (for VNC viewer)
> > client:1 -> port 5901 (for VNC viewer)
> > .......
> > and
> > client:0 -> port 5800 (for java web interface)
> > client:1 -> port 5801 (for java web interface)
> > ......

Joe Bottom posting is best when on Usenet

The information that was provided is all that you need to know. Since
you didn't post what firewall or NAT device is being used we can't
provide more specific details on how to configure it.

From tone of your posts, it would be be best if you got a network
"techie" to make the changes for you.

Keep in mind that exposing the company network to outside access by
these remote control programs ALSO lets others see the connections and
try to access them. You are better off doing a VPN network connection if
you are going to be providing remote support.


--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
!