Security Issue, VNC Connected through a firewall I setup...

[Beshman]

I recently installed a 2003 Server and Cisco PIX 501 Firewall at a client's site. The Cisco is configured to forward port 3389 to the 2003 Server, but is only accessible from two external IP's that are defined in an access list. I have tested this and double checked the config, it works (cannot access the server from other IP's besides those defined) and the config is correct. All other ports are closed.

Now for my issue, the client called a third party software support company and asked for assistance installing a new application. The client told me the support tech had her logon to their website and install an application that allowed him to control the server. I checked the server and found UltraVNC installed. I know the basics, but not enough to understand how this tech was able to control my server through the firewall without ports 5900 and 5800 forwarded?

The client said she had to be logged onto the software company's website and had to physically start the VNC server for this to work. I downloaded the UltraVNC software and tested from my location, I cannot connect using the viewer or the browser through 5800, 5900 or 80 without setting up port forwarding on my firewall. If I forward the ports, I can connect. I have reset the VNC server on the 2003 box to my own password and tried setting ports to auto and manually defining port 80. Use Java is enabled and there is no DSM plugin. Anyone have an idea how this was possible?

[beshman]

Ok, never mind, I ended up reading 13 or 14 pages back in the forum and see that this will work with the server initiating an outbound request to a listening viewer.