Saturday, October 23, 2010
TCP Port 5900
A VNC server listens in using two ports. The particular port numbers are determined by the VNC display digit, due to the fact that a machine can run many servers. The most important of all is 59xx, where the display number is xx. This port is run by the VNC protocol.
For most servers ran on PCs, tcp port 5900, due to the display of 0 through default. Administrators should scan their networks for VNC servers that are open, usually on tcp port 5900. It is recommended that any of the VNC servers are upgraded that give the administrator a protocol over 3.3. The nmap’s service detection will reveal the protocol digit.
Other project’s VNC servers, such as UltraVNC or TightVNC could or could not be vulnerable, though some experts do not feel that they are. It appears though RealVNC servers may be vulnerable. Unfortunately, it does not seem to make certain the remote end’s software that is been ran. Only the protocol number is visible. It is also the view of most experts that upgrade to the latest release of RealVNC be facilitated, unless unauthorized access is what is desired. The binding of 127.0.0.1 to VNC daemon while tunneling the traffic of VNC through a SSH tunnel would provide stronger mechanisms for authentication. A search through one’s preferred search engine ‘VNC over SSH’ will yield results of how this can be accomplished, on your preferred platform.
Setting up a firewall that can access all the VNC servers from a remote location is possible, by administrators. Firstly, entries for port forwarding will need to be made. For example, the port 5900 of your PC from the TCP port 5900 that is external, and for multiple PCs, this is replicated as many times, for instance the port 5900 of your computer from the TCP port 5901, and so on. Following this, point to the outside IP address a viewer for VNC, where the initial PC will display ‘dispaly0’, and the second if any will display ‘display 1’ and so on. The relationship here is ‘display N = ‘TCP port 5900+N.’
The port number is 5900, it is a TCP as opposed to a UDP and its delivery is listed as yes. The protocol or name is listed as VNC; the port network is described as a Virtual Network Client or a Virtual network Computer. It is not on any lists of known Trojans or viruses.Advanced features