Fedora Linux Support Community & Resources Center
  #1  
Old 2nd August 2012, 05:30 AM
egi4fedora Offline
Registered User
 
Join Date: Aug 2012
Location: California
Posts: 3
windows_7ie
vnc to vino on f17 - docs on firewall changes?

I spent several hours getting a VNC connection to vino on a fresh install of f17. I set Desktop Sharing Preferences on f17, but could not connect from tightVNC on Windows 7. My tightVNC on Windows 7 returned error: "A socket operaton was attempted to an unreachable host." I could ping from Window 7 to f17 successfully.

I finally figured out that I needed to allow port 5900 in Firewall Configuration on f17. This is unlike my experience installing tightVNC on Windows 7: the installer modified the firewall to allow connection.

My question is: was there a guide or FAQ that could have let me know that a manual modification to the firewall would be required in order to use vino?

If I can find a guide that will tell me that, I feel I may find answers to many other questions I have.
Reply With Quote
  #2  
Old 2nd August 2012, 04:25 PM
droidhacker Offline
Registered User
 
Join Date: Oct 2009
Posts: 827
linuxfirefox
Re: vnc to vino on f17 - docs on firewall changes?

All incoming connections need to be granted permission to get through the firewall WITHOUT EXCEPTION.
If wondoze let this happen automatically, it either wasn't running a firewall AT ALL, or it indicates the most extreme of security vulnerabilities. If an application you WANTED to have listening could modify the firewall configuration to accept connections, then a malware you did NOT want to let listen could also do this.

The purpose of a firewall is to prevent outside connections into services that ARE listening, in the event that you don't really WANT those services to be listening. If all listening ports are 100% wanted by you, the firewall would serve no purpose.

Hence, wondoze firewall is completely worthless garbage.
Reply With Quote
  #3  
Old 2nd August 2012, 05:06 PM
egi4fedora Offline
Registered User
 
Join Date: Aug 2012
Location: California
Posts: 3
linuxfirefox
Re: vnc to vino on f17 - docs on firewall changes?

Thanks. I'm looking for a book, guide or tutorial that contains the design philosophy you describe. The closest I've found so far is "Fedora Essentials" from Techotopia. That has a section on Firestarter that may help me understand how to properly configure my firewalls. It looks like Firestater has a log that may have helped me see my failed connection.

Any other suggestions for books or guides where I could have picked up the philosophy that I should expect to hunt down port numbers and create firewall entries when I install programs that listen to for network traffic?
Reply With Quote
  #4  
Old 3rd August 2012, 01:29 AM
Doug G Offline
Registered User
 
Join Date: Jul 2005
Posts: 640
windows_7chrome
Re: vnc to vino on f17 - docs on firewall changes?

You have to look in the application to find the tcp port number it uses. One place you could find the vnc port number is here: http://en.wikipedia.org/wiki/List_of...P_port_numbers , although I run VNC on a non-standard port so the list wouldn't help me.

The windows firewall is quite good, and installing tightvnc doesn't create any security holes. Windows firewall has a feature that I don't think is in linux, you can allow incoming connections by program file name regardless of port. This is what TightVNC configures with it's installer, it tells the windows firewall to allow connections to tvnserver.exe. I find this reature handy since I regularly use different vnc port numbers and I don't have to diddle with firewall port settings when I change my vnc server from port 5902 to 5911.

You may want to get a little familiar with nmap to help you identify open ports on a system. Also http://www.grc.com has an on-line scanner that will tell you what ports are open on the computer you use to visit their site. Plus there is a lot of generally useful information on that site.

When you have routers and external firewalls in your network you also need to understand port forwarding to allow connections from outside that device.
__________________
======
Doug G
======
Reply With Quote
  #5  
Old 3rd August 2012, 06:39 AM
egi4fedora Offline
Registered User
 
Join Date: Aug 2012
Location: California
Posts: 3
linuxfirefox
Re: vnc to vino on f17 - docs on firewall changes?

Thanks for the nmap suggestion and the ShieldsUp scanner. I'm learning a lot from Zenmap running from the BT5-R3-BH iso I picked up in Vegas last week. Using the ShieldsUp and Zenmap, I can compare my external WAN and internal LAN exposure.
Reply With Quote
Reply

Tags
docs, f17, firewall, vino, vnc

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
vino won't start MetalPower Servers & Networking 0 5th January 2011 07:39 AM
F11 + vino ... slow sejoel Using Fedora 0 14th July 2009 11:36 PM
Vino in VNC session prdufresne Using Fedora 0 12th February 2009 08:17 PM
VNC & Vino DaveVentresca Servers & Networking 6 19th January 2009 02:11 AM
vino-server cdlaforc Using Fedora 4 19th March 2007 06:09 AM


Current GMT-time: 07:58 (Thursday, 23-10-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat
Pleiku Instagram Photos - Bousse Travel Photos - Antiguo Cuscatlan Instagram Photos