|
Virtual Network Computing (VNC) is a remote desktop protocol to remote control another computer. It transmits the screen, keyboard presses and mouse clicks between two computers on a network.
The VNC protocol allows for complete platform independence: a VNC viewer on any operating system can connect to a VNC server on any other operating system. There are clients and servers for almost all operating systems and for Java. Multiple clients may also connect to a VNC server at the same time. Popular uses of the technology include remote tech support, and accessing your files on your work PC while at home or on the road.
VNC was originally developed at AT&T. The original VNC code is open source under the GNU General Public License, as are many of the flavors of VNC available today.
History
VNC started its life at the Olivetti & Oracle Research Lab, which at the time of VNC's creation was owned by Olivetti and Oracle Corporation. In 1999 AT&T acquired the lab, and in 2002 closed down the research part of the lab.
The name originates from a very-thin-client ATM Network Computer called the Videotile, which was essentially an LCD display with a pen input and a fast ATM connection to the network. VNC is essentially a software-only version of this 'ATM Network Computer', so they named the project Virtual Network Computing.
Developers that worked on VNC while still at ORL:
- Tristan Richardson
- Quentin Stafford-Fraser
- James Weatherall
- Ken Wood
- Andy Harter
- Charlie McLachlan
- Paul Webster
How it works
VNC is two parts, a client and a server. A server is the machine that is sharing its screen, and the client, or viewer is the program that is doing the watching and perhaps interacting with the server. VNC is a very simple protocol and is based one graphic primitive, "Put a rectangle of pixel data at a given x,y position". What this means is VNC takes small rectangles of the screen (actually the framebuffer) and transports them from the server to the client. This in its simplest form would cause lots of bandwidth to be used, and hence various methods have been invented to make this process go faster. There are now many different 'encodings' or methods to determine the most efficient way to transfer these rectangles. The VNC protocol allows the client and server to negotiate which encoding it will use. The simplest, and lowest common denominator is the raw encoding method where the pixel data is sent in left-to-right scanline order, and after initial setup, then only transfers the rectangles that have changed.
VNC by default uses ports 5900-5906, each representing the corresponding X screen (port 6000-6006, for screens :0-:6). A Java viewer is available in many implementations such as RealVNC on port 5800-5806, following the same pattern. These ports can be changed, however.
VNC variations
Because VNC source code was released under the GNU General Public License, several 'flavors' of the program are now available, designed to address certain issues or inadequacies developers found in the original implementation.
- RealVNC (http://www.realvnc.com/) - the official version maintained by the original team from AT&T Laboratories in Cambridge. Features both free and commercial versions.
- TightVNC (http://www.tightvnc.com/) - "enhanced version of VNC, which includes a lot of new features, improvements, optimizations and bugfixes". Known mainly for its more efficient compression algorithms which allow for better responsiveness over slow connections including the internet.
- Ultr@VNC (http://ultravnc.sourceforge.net/) - Full-featured version of VNC (for Windows platforms only) with added features such as file transfers, NT and Active Directory based security, text chat windows, session encryption, and backwards compatibility.
- TridiaVNC (http://www.tridiavnc.com/)
- TridiaVNC Pro (http://www.tridiavncpro.com/) - commercial version with additional improvements for support-desks and network administrators: user help requests, support queues, one-click remote installations.
- ZVNC (http://home.comcast.net/~davedyer/znc/zvnc.html) - An experimental derivitave of VNC and ZeBeDee, a utility to set up encrypted, compressed tunneling between two hosts.
Although Ultr@VNC and TridiaVNC currently only support Windows, the Java clients built-in can provide any Java-capable device with the ability to control the server.
Other platforms
Security in VNC
By default, VNC is not a secure protocol. While passwords are not sent in plain-text (like in telnet), if both the encryption key and encoded password are sniffed from a network, brute-force cracking could prove successful. For this reason it's recommended that a password of at least 8 characters is used for access to machines.
VNC may however be tunnelled over an SSH or VPN connection which would add an extra security layer with stronger encryption. This however isn't always a viable solution; SSH tunnelling can be difficult on Windows machines.
Ultr@VNC supports the use of an open-source encryption plugin which encrypts the entire VNC session including password authentication and data transfer (available here (http://home.comcast.net/~msrc4plugin/)). It also allows authentication to be performed based on NT and Active Directory user accounts.
RealVNC offers high-strength encryption as part of their commercial packages.
Although some users believe VNC to be malicious and easy to use to hack into a system, most of the time a user would have to specifically enable remote access to the ports used by VNC in order to be hacked. In other words, if you have several systems running VNC on a network, they can only be accsesed from within that network unless you specify otherwise (such as in your router's configuration settings).
Further reading
- Tristan Richardson, Quentin Stafford-Fraser, Kenneth R. Wood & Andy Hopper, "Virtual Network Computing", IEEE Internet Computing, Vol.2 No.1, Jan/Feb 1998 pp33-38 PDF format (http://www.uk.research.att.com/pub/docs/att/tr.98.1.pdf)
External links
|
