Tripp Lite 93-2879 User Manual

74

Note

How secure is VNC? VNC access generally allows access to your whole computer, so security is
very important. VNC uses a random challenge-response system to provide the basic
authentication that allows you to connect to a VNC server. This is reasonably secure and the
password is not sent over the network.

However, once connected, all subsequent VNC traffic is unencrypted. So a malicious user could
snoop your VNC session. Also there are VNC scanning programs available, which will scan a
subnet looking for computers which are listening on one of the ports which VNC uses.

Tunneling VNC over a SSH connection ensures all traffic is strongly encrypted. Also no VNC port
is ever open to the internet, so anyone scanning for open VNC ports will not be able to find your
computers. When tunneling VNC over a SSH connection, the only port which you're opening on
your Console Server is the SDT port 22.

So sometimes it may be prudent to tunnel VNC through SSH even when the Viewer computer
and the Console Server are both on the same local network.

To set up the secure SSH tunnel for an HTTP browser connection from the client computer, follow the
steps above. However when configuring the port redirection, specify port 80 (rather than port 3389 as
was used for RDP) e.g. if using PuTTY: