Should I be afraid of having port 5800 and 5900 open all the time. Is it worth setting VNC up on other ports is this really any more secure?
Right now my wireless internet provider blocks all ports and I was going to have them open the TCP ports 5800 and 5900 are these the only ports I should need open to use all the features of the Ultra VNC?
I found all kinds of help securing data going across the vnc ports after in use.
Thanks
Keith
Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Port security
Using anything besides defaults - gets you away from the average kid with the port scanning utility that tells them what you have open and for why. This doesnt stop the more inteligent hacker of trying to probe the port and for what reason it is or isnt open.
If you use a port that is open on your computer with a DSM encryption plugin - then the only way to communicate with your computer on those ports.. is with the Correct Encryption algorythm... key..
So if your like me - and value the fact that your computer should be only used by "Authorized" users. You should use the DSM Plugin and use local authentication on the server... which of course you must change periodically.
But if you only use this on a "needed" basis.. it may not hurt to just use defaults with a decent password and no security. Since its not something you use all the time and or wont always be on.
I am also curious as to why you think your ports are being blocked from your wireless company? I use a Verizon wireless air card and its just like being dialed into the internet.. nothing is blocked.. maybe my ISP is different.?
If you use a port that is open on your computer with a DSM encryption plugin - then the only way to communicate with your computer on those ports.. is with the Correct Encryption algorythm... key..
So if your like me - and value the fact that your computer should be only used by "Authorized" users. You should use the DSM Plugin and use local authentication on the server... which of course you must change periodically.
But if you only use this on a "needed" basis.. it may not hurt to just use defaults with a decent password and no security. Since its not something you use all the time and or wont always be on.
I am also curious as to why you think your ports are being blocked from your wireless company? I use a Verizon wireless air card and its just like being dialed into the internet.. nothing is blocked.. maybe my ISP is different.?
-
kriehl
Port Security
Thanks,
I have implemented all of the security measures you wrote about. I feel better about the setup now.
You asked about my incoming internet. Since I can not get any wired internet I use wireless from a line of site 5 miles away. The local company automatically blocks all ports on all wireless customers for security. They will open up any ports I ask them too for my IP and anyone else if they ask. They say it is for there protection and ours to block them all since most customers don't use or know about ports. They also said a hacker could overload their wireless network if they did not block them by default.
Keith
I have implemented all of the security measures you wrote about. I feel better about the setup now.
You asked about my incoming internet. Since I can not get any wired internet I use wireless from a line of site 5 miles away. The local company automatically blocks all ports on all wireless customers for security. They will open up any ports I ask them too for my IP and anyone else if they ask. They say it is for there protection and ours to block them all since most customers don't use or know about ports. They also said a hacker could overload their wireless network if they did not block them by default.
Keith
Well thats good that your wireless internet provider actually is security wise.
And its true that port flodding could be an issue.
As long as you use the security DSM with a computer that has the viewer with the same key it will work just fine.
I think eventually this will be the case for the web viewer, but like I said I dont think its high on their priority list.
And its true that port flodding could be an issue.
As long as you use the security DSM with a computer that has the viewer with the same key it will work just fine.
I think eventually this will be the case for the web viewer, but like I said I dont think its high on their priority list.