1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security for Tight VNC

Discussion in 'Tomato Firmware' started by Danielink, Jul 15, 2007.

  1. Danielink

    Danielink LI Guru Member

    I just installed Tight VNC on my Win XP Pro PC, and on my wife's Win 2000 Pro PC, and have it working between both PCs using the standard Port 5900. I also want to set up a connection from my work PC (also Win 2000 Pro) to my home Win XP PC so that I can check e-mail, etc. while I'm at work. I understand that Tight VNC by itself isn't secure, especially running thru Port 5900. I am using a Linksys WRT54GL with Tomato 1.07, and understand that I will need to set up port forwarding in my router setup. Would like to add encryption, but am a little confused how best to set it up ... SSH tunneling? Does Tight VNC use DMS plugins like Ultra VNC? Recommendations would be greatly appreciated.
     
  2. Danielink

    Danielink LI Guru Member

    Anybody out there using Tight VNC with Tomato 1.07? If so, how do you have encryption set up on your network? :confused:
     
  3. ifican

    ifican Network Guru Member

    Its not a matter of firmware its a matter of tunneling the traffic if it does not have the inherent ability to encrypt traffic. As for me i run ipsec tunnels with programs that cannot encrypt. In your case RDP would be your easiest implementation to accomplish your task. If you insist on running tightVNC, google for tight vnc over ssh. As far as port forwarding goes, you will need to forward whatever ports the program you decide to use to the pc you want to access.
     
  4. Danielink

    Danielink LI Guru Member

    Thanks, ifican, that helps. It's my understanding that the VNC programs typically default to use port 5900. Is it possible (or even advisable) to use a different port, or with encryption would it really matter?
     
  5. ifican

    ifican Network Guru Member

    Definetely use encryption, the port is up to you and you will get alot of opinions one way or the other. Yes you can change it if you wish and i do in certain instances but as long as i can use a really strong password, i dont worry about changing the default port.
     
  6. Danielink

    Danielink LI Guru Member

    So you think RDP would be easier to set up than Tight VNC or Ultra VNC? I'm not locked into using one of the VNC protocols ... I was using Ultra VNC, but without encription. Since I installed my WRT54GL a few months ago, and flashed it with Tomato, I now need to set up remote access again, and want to use whatever will work the best. Thanks again for your input. :thumbup:
     
  7. ifican

    ifican Network Guru Member

    Thats another one that will start an open debate, however RDP is very simple to use and is native to XP, i am not sure if its in 2000 or not. It is however very robust and encrypted by default and all that you will have to do is forward port 3389 to the inside host.
     
  8. Danielink

    Danielink LI Guru Member

    RDP for Win 2000

    Looks like you can set up Win 2000 Pro as an RDP client, but would have to d/l Terminal Services Advanced Client (TSAC).
     

Share This Page