[TriLUG] Re: VNC questions -

Janyne Kizer janyne_kizer at ncsu.edu
Mon Jan 14 11:37:43 EST 2002 

Gotcha.

So I need to add a line like the following to the firewall 

iptables -A INPUT -p tcp --sport 5950 -j ACCEPT
iptables -A INPUT -p tcp --sport 5951 -j ACCEPT
iptables -A INPUT -p tcp --sport 5952 -j ACCEPT

even though I already have this line in there

iptables -A INPUT -s <mysubnetaddress>/255.255.255.0 -j ACCEPT

H Brett Bolen wrote:
> 
> Janyne Kizer wrote:
> 
> > No.  I am still working on it though.
> >
> > Hmmm, maybe I need to add service vnc-640x480x8, and so on instaed of
> > servcie vnc???
> >
> > The machine is directly connected to the internet.  My firewall is set
> > up to allow all connections from certain subnets and no connections from
> > the rest of the world.  The firewall should not be the problem here
> >...
> 
>  >
> 
> > H Brett Bolen wrote:
> >
> 
>  >> ...
> 
> 
> 
> yes they have to match.
> 
> I have one entry in /etc/services.  just 'vnc'
> 
> I have one extra file in /etc/xinietd.d.  just 'vnc'
> 
> The other entries are for different resolutions, get the
> first one up before adding complexity.
> 
> after you edit the files, then use
> 
>     killall -USR2 xinetd
> 
> to reload the configuration.  if you look into /var/log/messages, you
> can see some data telling you that the config was reinitilized.
> 
> after that just telnet to the port ( mine is 5953 or
> 5900 + <vnc port no>) and you should see someting like
> 
>     RFB 003.003
> 
> This will tell you that the vncserver was kicked off.
> 
> reguarding firewall,
> 
> I have linksys router and NAT on my box, so nothing can
> come into this box.  I don't know why /etc/hosts.allow affects
> xinetd.  ( there is no tcpd, does xinetd use /etc/hosts.allow
> automatically?)
> 
> security is still an issue even if it's not a service -- you have
> a port open that other people can connect to ( xinted is a service).
> 
> apply security measures to taste.
> 
> b\375
> 
> ps: I've copied trilug at trilug.org

-- 

Janyne Kizer
CNE-3, CNE-4, CNE-5
Systems Programmer Administrator I
NC State University, College of Agriculture & Life Sciences
Extension and Administrative Technology Services
Phone: (919) 515-3609

More information about the TriLUG mailing list