Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

SC and Software firewalls

Single Click discussions / bugs
Post Reply
davidf
Posts: 1
Joined: 2006-10-03 12:09
Location: New Zealand

SC and Software firewalls

Post by davidf »

Hi everyone

Over the past day or so I have worked like many to understand & get SC running

Initially on a private IP network between 2 PCs then via the Internet

Today I tried it out for the first time "in public" on a PC
that was running a combined virus & firewall product (Trend Internet Security)

I noticed an interesting issue that I'd like to put to the developers for their thoughts/comments


When SC is run on a “Client” PC using Windows XP it creates a temp directory that it runs from
e.g. C:\Documents and Settings\lyn\Local Settings\Temp\7zS93.tmp
from which the winvnc then tries to connect over the Internet/LAN to the “Support” PC
(depending on what was specified in the Helpdesk.txt configuration file)

If there is a software firewall on the “Client” PC, that is monitoring O/G connections
it asks the user if winvnc is allowed to make an O/G connection from that PC,
the "yes/no" response is then stored as an entry in the software firewall configuration

As SC creates a new/different temp directory EACH TIME it is run,
then these "permission" entries will quickly accumulate
if numerous connections are made from the "Client" PC

This on going accumulation does not similarly occur on the “Support” PC
as the location of winvnc does not change as it is "fixed" during the initial install of winvnc


My question to the developers is as follows : -

What if anything can be done to "fix" the location of the "temp directory"?

So that when SC is repeatedly run on a “Client” PC, then both the repeated "allowing"
does not need to occur & also the build up of "permission" entries is reduced/eliminated



I note that this issue will not apply for a XP PC with ONLY the SP2 firewall running
as it does not monitor O/G connections, only I/C ones.

I believe my question will as equally apply to PCs running Trend Internet Security as to those using Norton Internet

Security, ZoneAlarm or any/all other similarly functioning software firewalls





Also, here's a tip for others, to help them retain their sanity & good humour

Don't drive yourself crazy trying to loop out to the Internet from your "Client" PC
and back in through your Public IP Address to your "Support" PC
if they are already connected together via a Private LAN IP connection e.g 192.168.x.x


You will drive yourself mad trying to understand & work out why your perfectly correctly constructed
helpdesk.txt file entries such shown as below (that work fine over your internal LAN) will not work :-


HOST]
Remote Internet PC Support
-connect mydynamicip.dyndns.org:5500 -noregistry


or


HOST]
Remote Internet PC Support
-connect 123.222.123.222:5500 -noregistry


The entries above (while altered to be ONLY examples) fail you
because your "Client" PC will insist on trying to use your LAN connection
to get to your "Support" PC rather than going out to the Internet
& than returning back to you as you'd like to test via the "Support" PC's Internet connection


A solution is to create an alternate dial up connection on your "Client PC"
to get it onto the Internet. Then Disable your "Client" PC LAN connection & initiate the dialup connection

Then allow SC on the "Client" PC to "find" its way back to your "Support" PC, over the connection that the "Support" PC usually uses

If you are like I was when testing/learning you will find that your SC will now magically start working

This issue/fix applies as much to "Fixed IP" as to "Dynamic IP" helpdesk.txt file configurations/destinations for the "Support" PC


BTW

If you are like me, then SC will make your days much easier when friends/family/clients etc call you & you just haven't the ability to magically appear by their elbow and watch as they fight with their PC


my thanks to the developers for their efforts
bevtech
800
800
Posts: 2168
Joined: 2005-08-03 14:07
Location: Pennsylvania, United States

Re: SC and Software firewalls

Post by bevtech »

I often wondered why the temp directory was changing but I think it is due to the unzip nature of 7zip. It does cause you grief because the the firewall detectes it as a new application..

Firewalls seem to cause must users major issues with UVNC and Single Click do probably to the use of port 5500 in which most antivirus worm protection will block due to internet worms.

Yes alot of users get confused in the creation process and want to use private ip addresses instead of their wan address.

That is why I created the FAQ's

[topic=7731]What Can If I do not have a Static IP for my WAN Connection[/topic]

[topic=6914]When UsingDynamic DNS host How can I connect when inside LAN[/topic]

To help users understand this major difference. But what I have found is that alot of users will not read the FAQ, Step by Steps or the Online documentation...;) I guess that is just human nature..:D
Last edited by bevtech on 2006-10-13 13:09, edited 1 time in total.
Bevtech

Windows XP Home, Pro SP2, Windows 2003 SBS server SP2(EN), Windows Media Center Editon 2005,Windows Vista Home Prem.,Fedora Core 6,Win9X, PChelpware Rel 1.0,
UVNC V 1.0.8.2

User not developer..;)
grahamh
Posts: 2
Joined: 2006-10-12 20:59

Re: SC and Software firewalls

Post by grahamh »

Thanks very much for the tip regarding trying to test from your own network.

I was beating my head against the wall trying to sort out why it wasnt working. Read your message and sent the file to another office and they were able to connect immediately.

It really was just the situation you indicated, although i was using my public ip address it must not have been going out to the internet. Not really sure why the router wasn't still forwarding to the correct port, but i dont understand routers at all anyway.

Thanks again, you saved my sanity.
bevtech
800
800
Posts: 2168
Joined: 2005-08-03 14:07
Location: Pennsylvania, United States

Re: SC and Software firewalls

Post by bevtech »

Not a problem that is what we are here for..;)
Bevtech

Windows XP Home, Pro SP2, Windows 2003 SBS server SP2(EN), Windows Media Center Editon 2005,Windows Vista Home Prem.,Fedora Core 6,Win9X, PChelpware Rel 1.0,
UVNC V 1.0.8.2

User not developer..;)
Post Reply