VNC
http://en.wikipedia.org/wiki/Vnc
Virtual Network Computing
VNC - Overview
Virtual Network Computing (VNC)
A graphical desktop sharing system
Uses the RFB protocol to remotely control another
computer.
Uses a network
Transmits the keyboard and mouse events from one
computer to another
Relays the graphical screen updates back
VNC - Overview
Platform-independent
A VNC viewer on any operating system
Can connect to a VNC server on any other operating system
Clients and servers available for almost all GUI operating
systems and for Java
Multiple clients may connect to a VNC server at the same
time
Popular uses for this technology include
Remote technical support
Accessing files on one's work computer from one's home
computer
VNC - Overview
Originally developed at AT&T
The original VNC source code and many modern
derivatives are
open source
under the GNU General Public License
History
Created at the Olivetti & Oracle Research Lab
Originally owned by Olivetti and Oracle Corporation
In 1999 AT&T acquired the lab
and in 2002 closed down the lab's research efforts
Following the closure of ORL in 2002
several members of the development team formed RealVNC
To continue working on open source and commercial VNC software
under that name
Several other versions of VNC have been developed from the
original GPLed source code.
Forking has not led to compatibility problems
RFB protocol is designed to be extensible
VNC clients and servers negotiate their capabilities when
handshaking
Make use of the most appropriate options supported at both ends
Etymology
'Virtual Network Computer/Computing'
Originates from ORL's work on a thin client called
the Videotile
Essentially an LCD display with
a pen input and
a fast ATM connection to the network
Used the RFB protocol
At the time a network computer was commonly
used as a synonym for 'thin client'
VNC is essentially a software-only (i.e. virtual) version of
this network computer
Operation
A VNC system consists of a client, a server,
and a communication protocol.
The VNC server
Program on the machine that shares its screen
The VNC client (or viewer)
Program that watches and interacts with the server
The VNC protocol
Very simple, based on one graphic primitive:
"Put a rectangle of pixel data at the specified X,Y
position".
Operation
Server sends small rectangles of the framebuffer
to the client
In its simplest form, the VNC protocol can use a
lot of bandwidth
Methods devised to reduce communication overhead
For example, various encodings
(methods to determine the most efficient way to transfer these
rectangles)
VNC protocol allows the client and server to
negotiate which encoding will be used
Operation
The simplest encoding is the raw encoding
Pixel data is sent in left-to-right scanline order
Once the original full screen has been transmitted
Only transfer rectangles that change
Supported by all clients and servers
This encoding works well:
If only a small portion of the screen changes from one frame to
the next
Mouse pointer moving across a desktop
Text being written at the cursor
Bandwidth demands get very high if a lot of pixels change at the
same time
Scrolling a window or viewing full-screen video
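The rectangle primitive and raw encoding described above, as an added example (not part of the original slides): a server-side builder and a client-side decoder for a raw FramebufferUpdate, with the geometry checks a client should make before copying server-supplied pixels. The message layout and the encoding number 0 are taken from the RFB specification; the function names and the 4x3 sample framebuffer are constructed for illustration.

```python
import struct

RAW = 0  # encoding number for "raw" in the RFB specification


def raw_update(x, y, w, h, pixels: bytes) -> bytes:
    """Server side: one FramebufferUpdate carrying one raw rectangle."""
    header = struct.pack(">BxH", 0, 1)             # type 0, padding, 1 rect
    return header + struct.pack(">HHHHi", x, y, w, h, RAW) + pixels


def apply_update(fb: bytearray, fb_w: int, fb_h: int, bytes_pp: int, msg: bytes) -> int:
    """Client side: copy each raw rectangle into fb; return bytes consumed."""
    msg_type, nrects = struct.unpack_from(">BxH", msg, 0)
    if msg_type != 0:
        raise ValueError("not a FramebufferUpdate message")
    off = 4
    for _ in range(nrects):
        x, y, w, h, enc = struct.unpack_from(">HHHHi", msg, off)
        off += 12
        if enc != RAW:
            raise NotImplementedError("only raw encoding is handled here")
        # Validate server-supplied geometry before writing anything.
        if x + w > fb_w or y + h > fb_h:
            raise ValueError("rectangle exceeds framebuffer bounds")
        row = w * bytes_pp
        if off + row * h > len(msg):
            raise ValueError("truncated pixel data")
        for r in range(h):                         # scanline order, row by row
            dst = ((y + r) * fb_w + x) * bytes_pp
            fb[dst:dst + row] = msg[off:off + row]
            off += row
    return off


def raw_update_size(w: int, h: int, bytes_pp: int) -> int:
    """Bytes on the wire for one raw rectangle of w x h pixels."""
    return 4 + 12 + w * h * bytes_pp


def demo() -> bytes:
    """Constructed sample: 4x3 framebuffer, 1 byte per pixel, 2x2 update at (1,1)."""
    fb = bytearray(4 * 3)
    apply_update(fb, 4, 3, 1, raw_update(1, 1, 2, 2, bytes([1, 2, 3, 4])))
    return bytes(fb)


if __name__ == "__main__":
    print(demo().hex(), raw_update_size(16, 16, 4), raw_update_size(1024, 768, 4))
```

Comparing `raw_update_size(16, 16, 4)` with `raw_update_size(1024, 768, 4)` shows why raw encoding suits a moving pointer but not a full-screen redraw.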
Operation
VNC by default uses TCP ports 5900 through 5906
each port corresponding to a separate screen (:0 to :6).
A Java viewer is available in many implementations
Such as RealVNC, on ports 5800 through 5806, allowing clients to
interact through, among other things, a Java-enabled web browser
Other ports can be used
Both client and server must be configured accordingly
Some operating systems only support a single VNC session at
a time because the operating system supports only a single
session at a time
E.g. Windows XP
Operation
Note that on some machines, the server does not
necessarily have to have a physical display.
Xvnc is the Unix VNC server, which is based on a
standard X server
Xvnc can be considered to be two servers in one; to
applications it is an X server, and to remote VNC users it
is a VNC server
Applications can display themselves on Xvnc as if
it were a normal X display
Will appear on any connected VNC viewers rather than
on a physical screen
Operation
The display that is served by VNC
Not necessarily the same display seen by a user on
the server
Unix/Linux computers that support multiple
simultaneous X11 sessions
VNC may be set to serve a particular existing X11
session
Or to start one of its own
Multiple VNC sessions can be run from the
same computer.
On Microsoft Windows the VNC session served
is always the current user session
Operation
VNC is commonly used as a cross-platform
remote desktop system
Apple Remote Desktop for Mac OS X interoperates with
VNC
Will connect to a Linux user's current desktop if it is served
with x11vnc
Or to a separate X11 session if one is served with TightVNC
From Linux, TightVNC will connect to an OS X
session served by Apple Remote Desktop if the
VNC option is enabled, or to a VNC server running
on Microsoft Windows
Security
By default, VNC is not a secure protocol.
Passwords are not sent in plain-text (as in telnet) but…
brute-force cracking could prove successful if both the
encryption key and encoded password are sniffed from a
network.
It is recommended that a password of at least 8
characters be used.
There is also an 8-character limit on some versions of
VNC;
If a password is sent exceeding 8 characters
Excess characters are removed
Truncated string is compared to the password.
Security
VNC may be tunneled over an SSH or VPN
connection
Adds an extra security layer with stronger
encryption
SSH clients are available for all major platforms
(and many smaller platforms as well);
SSH tunnels can be created from
UNIX clients
Microsoft Windows clients
Macintosh clients
Many others
Security
UltraVNC supports the use of an open-source
encryption plugin
Encrypts the entire VNC session
Including password authentication and data transfer
Allows authentication to be performed based on
NTLM and Active Directory user accounts
RealVNC offers high-strength encryption as part of
its commercial package
Workspot released AES encryption patches for
VNC
The original
http://www.cl.cam.ac.uk/research/dtg/attarchive/vnc/index.html
RFB
http://en.wikipedia.org/wiki/RFB_protocol
RFB (“remote framebuffer”) is a simple protocol for remote access
to graphical user interfaces
It works at the framebuffer level
Applicable to all windowing systems and applications
Including X11, Windows and Macintosh.
RFB is the protocol used in Virtual Network Computing (VNC) and its
derivatives.
Although RFB started as a relatively simple protocol it has been
enhanced with additional features (such as file transfers) and more
sophisticated compression and security techniques as it has
developed
To maintain seamless cross-compatibility between the many
different VNC client and server implementations
Clients and servers negotiate a connection using the best RFB
version
Use the most appropriate compression and security options they can
both support.
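The version and security negotiation described above, as an added example (not part of the original slides): a parser for the first bytes a server sends, useful for checking which RFB version and security types a server offers. The message layouts and the type numbers 0, 1 and 2 are taken from the RFB specification rather than from this page; the function names and the sample bytes are constructed for illustration.

```python
SECURITY_TYPES = {0: "Invalid", 1: "None", 2: "VNC Authentication"}  # RFB spec
PUBLISHED = [(3, 3), (3, 7), (3, 8)]  # published RFB versions


def parse_version(banner: bytes) -> tuple:
    """Parse the 12-byte ProtocolVersion message, e.g. b'RFB 003.008\\n'."""
    if (len(banner) != 12 or banner[:4] != b"RFB "
            or banner[7:8] != b"." or banner[11:] != b"\n"):
        raise ValueError("not an RFB ProtocolVersion message")
    return int(banner[4:7].decode("ascii")), int(banner[8:11].decode("ascii"))


def negotiate(server: tuple, client_max: tuple = (3, 8)) -> tuple:
    """Highest published version that neither side exceeds."""
    common = [v for v in PUBLISHED if v <= server and v <= client_max]
    if not common:
        raise ValueError("no common RFB version")
    return common[-1]


def offered_security(version: tuple, data: bytes) -> list:
    """Types sent after the version exchange (3.3: one U32; later: count + list)."""
    if version == (3, 3):
        if len(data) < 4:
            raise ValueError("truncated security type")
        return [int.from_bytes(data[:4], "big")]
    if not data or data[0] == 0:
        raise ConnectionError("server sent no security types")
    types = list(data[1:1 + data[0]])
    if len(types) != data[0]:
        raise ValueError("truncated security-type list")
    return types


def audit(banner: bytes, data: bytes) -> dict:
    """Summarise what a server's opening handshake bytes offer."""
    version = negotiate(parse_version(banner))
    types = offered_security(version, data)
    return {
        "version": "%d.%d" % version,
        "offers": [SECURITY_TYPES.get(t, "type %d" % t) for t in types],
        "no_auth_offered": 1 in types,
        "password_auth_offered": 2 in types,
    }


if __name__ == "__main__":
    print(audit(b"RFB 003.008\n", bytes([2, 1, 2])))  # constructed sample
```

A server that lists type 1 accepts connections with no authentication at all, which is the first thing to look for when reviewing an exposed VNC service.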
History
RFB was originally developed at Olivetti Research Laboratory
(ORL)
A remote display technology to be used by a simple thin client
with ATM connectivity called a Videotile.
In order to keep the device as simple as possible, RFB was
developed and used in preference to any of the existing remote
display technologies.
RFB found a second, more enduring use when VNC was
developed
VNC was released as open source software and the RFB
specification published on the web.
Since then RFB has been a free protocol which anybody can use.
When ORL was closed in 2002 some of the key people behind
VNC and RFB formed RealVNC Ltd in order to continue
development of VNC and to maintain the RFB protocol.
The current RFB protocol is published on the RealVNC website.
Protocol versions
Published versions of the RFB protocol are shown below:
Developers are free to add additional encoding and security types
Must book unique identification numbers for these with the maintainers
of the protocol so that the numbers do not clash.
Clashing type numbers would cause confusion when handshaking a
connection and break cross-compatibility between implementations
The list of encoding and security types is maintained by RealVNC Ltd
Separate from the protocol specification
New types can be added without requiring the specification to be reissued
Version            Source       Date          Specification
RFB 3.3            ORL          January 1998  The Remote Framebuffer Protocol 3.3
RFB 3.7            RealVNC Ltd  July 2003
RFB 3.8 (current)  RealVNC Ltd  July 2005     The Remote Framebuffer Protocol 3.8