VNC

  • Slides: 32
VNC http://en.wikipedia.org/wiki/Vnc

VNC demo
  • Windows
      • TightVNC
      • ajklinux2.uncc.edu:1
  • Ubuntu
      • Gtk VNC Viewer

VNC Virtual Network Computing


VNC - Overview
  • Virtual Network Computing (VNC)
      • A graphical desktop sharing system
  • Uses the RFB protocol
      • Remotely “control” another computer
          • Use another computer via a GUI environment
      • Uses a network
          • Transmit keyboard and mouse events from one computer to another
          • Relays the graphical screen updates back

VNC - Overview
  • Platform-independent
      • VNC viewer resides on any operating system
          • Can connect to a VNC server of any other operating system
      • Clients and servers available for:
          • Almost all GUI operating systems
          • Java enabled systems
      • Multiple clients may connect to a VNC server at the same time
      • Popular uses for this technology include:
          • Remote technical support
          • Accessing files on one's work computer from one's home computer

VNC - Overview
  • Developed at “AT&T”
      • Original VNC source code and many modern derivatives are:
          • Open source
          • GNU General Public License

History


History
  • Created at Olivetti & Oracle Research Labs
      • Originally owned by Olivetti and Oracle Corporation
      • In 1999 AT&T acquired the lab
          • 2002 closed down the lab's research efforts
  • Following the closure of ORL in 2002
      • Several members of the development team formed RealVNC
          • Continued working on open source and commercial VNC software under that name
  • Several other versions of VNC have been developed from the original GPLed source code.
      • Forking has not led to compatibility problems
          • RFB protocol is designed to be extensible
      • VNC clients and servers negotiate their capabilities when handshaking
          • Make use of the most appropriate options supported at both ends

Etymology


Etymology
  • 'Virtual Network Computer/Computing'
      • Originates from ORL's work on a thin client
          • Called Videotile
          • Used the RFB protocol
      • Essentially an LCD display with:
          • A pen input
          • A fast ATM connection to the network
      • At the time a network computer was commonly used as a synonym for 'thin client'
          • VNC is essentially a software-only (i.e. virtual) version of this network computer

Operation


Operation
  • VNC system requires:
      • A server
      • A client
      • A communication protocol

Operation
  • Where:
      • VNC server
          • Program on the machine that shares its “screen”
          • Does all the core processing
      • VNC client (or viewer)
          • Program that monitors and interacts with the server
          • Displays results
      • VNC protocol
          • Very simple protocol
              • Based on one graphic primitive:
                  • "Put a rectangle of pixel data at the specified X, Y position"

Operation
  • Server sends small rectangles of the framebuffer to the client
  • In simplest form: VNC protocol can use a lot of bandwidth
      • Methods devised to reduce communication overhead
      • For example, various encodings
          • Methods to determine the most efficient way to transfer rectangles
  • VNC protocol
      • Allows client and server to negotiate which encoding to be used

Operation
  • Simplest encoding: raw encoding
      • Pixel data is sent in left-to-right scanline order
          • First sends complete image
          • After original full screen has been transmitted
              • Only transfer rectangles that change
      • Supported by all clients and servers
  • Raw Encoding works well if:
      • Only a small portion of the screen changes from frame to frame
          • Mouse pointer moving across a desktop
          • Text being written at the cursor
  • Bandwidth demands get very high when a lot of pixels change at the same time
      • Scrolling a window
      • Viewing full-screen video
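
An added example, not part of the original slides: a Raw-encoded FramebufferUpdate message built and parsed in Python, showing why a full-screen change costs megabytes while a pointer move costs about two kilobytes. The message layout follows the RFB specification; the 1024x768 screen, 4 bytes per pixel and the function names are assumptions, and the parser rejects rectangles that fall outside the framebuffer or claim more pixel data than was received.

```python
import struct

RAW = 0                           # encoding number of the Raw encoding
HEADER = struct.Struct(">BxH")    # message-type, padding, number-of-rectangles
RECT = struct.Struct(">HHHHi")    # x, y, width, height, encoding-type

def build_raw_update(rects, bytes_per_pixel=4):
    """Build a FramebufferUpdate (message type 0) carrying Raw rectangles.
    rects is a list of (x, y, w, h); the pixel bytes are constructed filler."""
    msg = bytearray(HEADER.pack(0, len(rects)))
    for x, y, w, h in rects:
        msg += RECT.pack(x, y, w, h, RAW)
        msg += bytes(w * h * bytes_per_pixel)   # left-to-right scanline order
    return bytes(msg)

def parse_raw_update(msg, fb_width, fb_height, bytes_per_pixel=4):
    """Return [(x, y, w, h, payload_len)] after validating every rectangle."""
    msg_type, count = HEADER.unpack_from(msg, 0)
    if msg_type != 0:
        raise ValueError("not a FramebufferUpdate")
    off, out = HEADER.size, []
    for _ in range(count):
        if off + RECT.size > len(msg):
            raise ValueError("truncated rectangle header")
        x, y, w, h, enc = RECT.unpack_from(msg, off)
        off += RECT.size
        if enc != RAW:
            raise ValueError(f"unsupported encoding {enc}")
        if x + w > fb_width or y + h > fb_height:
            raise ValueError("rectangle outside framebuffer")
        size = w * h * bytes_per_pixel
        if off + size > len(msg):
            raise ValueError("truncated pixel data")
        out.append((x, y, w, h, size))
        off += size
    return out

def wire_bytes(rects, bytes_per_pixel=4):
    """Bytes on the wire for one update containing these rectangles."""
    return len(build_raw_update(rects, bytes_per_pixel))

if __name__ == "__main__":
    print("full 1024x768 frame:", wire_bytes([(0, 0, 1024, 768)]))
    print("16x16 pointer move :", wire_bytes([(100, 100, 16, 16), (104, 100, 16, 16)]))
```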

Operation
  • VNC uses TCP ports 5900 through 5906 (default)
      • Each port corresponds to a separate screen (:0 to :6)
  • Java viewer available for many implementations
      • RealVNC allows clients to interact through a Java-enabled web browser
          • Ports 5800 through 5806
      • Other ports can be used
          • Both client and server must be configured accordingly
      • Some operating systems only support a single VNC session at a time
          • Base operating system supports only a single session at a time
              • E.g. Windows XP

Operation
  • On some machines:
      • Server does not have to have a physical display
      • Xvnc is the Unix VNC server
          • Based on a standard X server
      • Xvnc can be considered to be two servers in one
          • For applications: it is an X server
          • For remote VNC users: it is a VNC server
  • Applications can display themselves on Xvnc as if it were a normal X display
      • Will appear on any connected VNC viewers rather than on a physical screen

Operation
  • Display served by VNC
      • Not necessarily the same display seen by a user on the server’s monitor
  • Unix/Linux computers that support multiple simultaneous X11 sessions
      • VNC may be set to serve a particular existing X11 session
      • Start one of its own
  • Multiple VNC sessions can be run from the same computer
  • Microsoft Windows
      • VNC session served is always current user session

Operation
  • VNC is commonly used as a cross-platform remote desktop system
      • Apple Remote Desktop for Mac OS X interoperates with VNC
          • Will connect to a Linux user's current desktop if it is served with x11vnc
          • As a separate X11 session if one is served with TightVNC
  • From Linux
      • TightVNC will connect to an OS X session served by:
          • Apple Remote Desktop
              • If the VNC option is enabled
          • VNC server running on Microsoft Windows

Security


Security
  • By default, VNC is not a secure protocol
      • Passwords are not sent in plain-text (as in telnet) but…
          • Brute-force cracking could prove successful if both the encryption key and encoded password are sniffed from a network
  • Recommended that a password of at least 8 characters be used
      • Limit of 8 characters on some versions of VNC
          • If a password exceeds 8 characters:
              • Excess characters are removed
              • Truncated string is compared to the password
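
The 8-character limit described above, as an added Python example that is not from the slides: classic VNC authentication uses the password as an 8-byte DES key, so anything past the eighth character never reaches the comparison. The mirroring of the bits in each key byte is a detail of common implementations rather than something the slide states; the function names are assumptions and the sample passwords are constructed.

```python
from collections import defaultdict

KEY_LEN = 8  # a DES key is 8 bytes, hence the 8-character limit

def vnc_auth_key(password: str) -> bytes:
    """Derive the DES key classic VNC authentication uses for a password."""
    raw = password.encode("utf-8")[:KEY_LEN].ljust(KEY_LEN, b"\x00")
    # Common implementations mirror the bit order of every key byte.
    return bytes(int(f"{b:08b}"[::-1], 2) for b in raw)

def colliding_passwords(passwords):
    """Group passwords that produce the same key, i.e. that the server
    cannot tell apart during authentication."""
    groups = defaultdict(list)
    for pw in passwords:
        groups[vnc_auth_key(pw)].append(pw)
    return [group for group in groups.values() if len(group) > 1]

def policy_findings(password: str):
    """Findings for one candidate password under the 8-character limit."""
    findings = []
    if len(password.encode("utf-8")) > KEY_LEN:
        findings.append("characters after the 8th are ignored")
    if len(password) < KEY_LEN:
        findings.append("shorter than 8 characters; key is NUL-padded")
    return findings

# Constructed sample passwords, not taken from any real system.
SAMPLES = ["Winter2024!", "Winter2025!", "Winter20", "Spring2024", "abc"]

if __name__ == "__main__":
    for group in colliding_passwords(SAMPLES):
        print("indistinguishable to the server:", group)
    for pw in SAMPLES:
        print(pw, vnc_auth_key(pw).hex(), policy_findings(pw))
```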

Security
  • VNC may be tunneled over an SSH or VPN connection
      • Adds an extra security layer with stronger encryption
      • SSH clients are available for all major platforms (and many smaller platforms as well)
          • SSH tunnels can be created from
              • UNIX clients
              • Microsoft Windows clients
              • Macintosh clients
              • many others

Security
  • UltraVNC supports the use of an open-source encryption plugin
      • Encrypts the entire VNC session
      • Including password authentication and data transfer
  • Allows authentication to be performed
      • Based on NTLM and Active Directory user accounts
  • RealVNC offers high-strength encryption as part of its commercial package
  • Workspot released AES encryption patches for VNC

The original
  • http://www.cl.cam.ac.uk/research/dtg/attarchive/

RFB protocol http://en.wikipedia.org/wiki/RFB_protocol

Remote Frame Buffer RFB


RFB
  • RFB (“remote framebuffer”)
      • A simple protocol for remote access to graphical user interfaces
      • Works at the framebuffer level
          • Applicable to all windowing systems and applications
              • Including X11, Windows and Macintosh
      • Used in Virtual Network Computing (VNC) and its derivatives
  • RFB started as a relatively simple protocol
      • Has been enhanced with additional features (such as file transfers) and more sophisticated compression and security techniques as it has developed
  • To maintain seamless cross-compatibility between different VNC client and server implementations:
      • Clients and servers negotiate a connection using the best RFB version
      • Use the most appropriate compression and security options they can both support

History
  • RFB was originally developed at Olivetti Research Laboratory
      • Remote display technology
          • Used by a simple thin client with ATM connectivity called a Videotile
      • To keep the device as simple as possible
          • RFB was developed and used in preference to existing remote display technologies
  • RFB found a second, more enduring use when VNC was developed
      • VNC was released as open source software and the RFB specification published on the web.
      • Since then RFB has been a free protocol which anybody can use.
  • ORL was closed in 2002
      • Some key people behind VNC and RFB formed RealVNC Ltd
          • Continued development of VNC
          • Maintain the RFB protocol
      • Current RFB protocol is published on the RealVNC website

Protocol versions
  • Published versions of the RFB protocol are shown below:
  • Developers are free to add additional encoding and security types
      • Must book unique identification numbers for these with the maintainers of the protocol so that the numbers do not clash.
      • Clashing type numbers would cause confusion when handshaking a connection and break cross-compatibility between implementations
      • The list of encoding and security types is maintained by RealVNC Ltd
          • Separate from the protocol specification
          • New types can be added without requiring the specification to be reissued

Version             Source        Date           Specification
RFB 3.3             ORL           January 1998   The Remote Framebuffer Protocol 3.3
RFB 3.7             RealVNC Ltd   July 2003
RFB 3.8 (current)   RealVNC Ltd   July 2005      The Remote Framebuffer Protocol 3.8
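
An added example (not from the slides or from RealVNC) of the handshake negotiation described above: parse the server's ProtocolVersion banner, pick the highest published version both ends support, and read the security types the server offers. Security-type numbers 1 (None) and 2 (VNC Authentication) come from the RFB specification; the function names, the findings text and the server messages are constructed for this sketch.

```python
import re
import struct

PUBLISHED = [(3, 3), (3, 7), (3, 8)]   # versions in the table above
NONE, VNC_AUTH = 1, 2                  # security-type numbers from the RFB spec

def parse_banner(banner: bytes):
    """Parse the 12-byte ProtocolVersion message, e.g. b'RFB 003.008\\n'."""
    m = re.fullmatch(rb"RFB (\d{3})\.(\d{3})\n", banner)
    if not m:
        raise ValueError("not an RFB ProtocolVersion message")
    return int(m.group(1)), int(m.group(2))

def negotiate(server_banner: bytes, client_max=(3, 8)):
    """Pick the highest published version that both ends support."""
    limit = min(parse_banner(server_banner), client_max)
    usable = [v for v in PUBLISHED if v <= limit]
    if not usable:
        raise ValueError("no common RFB version")
    return max(usable)

def parse_security(version, data: bytes):
    """Return the security-type numbers the server offers."""
    if version == (3, 3):               # 3.3: the server dictates one U32 type
        if len(data) < 4:
            raise ValueError("truncated security type")
        types = list(struct.unpack_from(">I", data))
    else:                               # 3.7 and later: U8 count, then U8 types
        if not data or len(data) < 1 + data[0]:
            raise ValueError("truncated security-type list")
        types = list(data[1:1 + data[0]])
    if not types or types == [0]:
        raise ValueError("server refused the connection")
    return types

def audit(types):
    """Findings a defender would raise about the offered security types."""
    findings = []
    if NONE in types:
        findings.append("None offered: no authentication on this display")
    if VNC_AUTH in types:
        findings.append("VNC Authentication offered: password only, session not encrypted")
    return findings

if __name__ == "__main__":
    version = negotiate(b"RFB 003.008\n")                      # constructed banner
    offered = parse_security(version, bytes([2, NONE, VNC_AUTH]))
    print(version, offered, audit(offered))
```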

Encoding
  • Pixel data can be encoded to compress data
      • Raw
      • Hextile
      • Zlib
      • Many others…
  • Can reduce the amount of data sent
      • Various encodings have different efficiencies
      • Can vary by screen content
      • Has a cost of the time to encode/decode
  • Note: encoding is NOT encrypting!
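
An added example, not from the slides, for the points above: how much an encoding saves depends on screen content, and an encoded rectangle is decoded with no key at all. It uses Python's zlib on single constructed rectangles as a stand-in for the Zlib encoding and does not reproduce the full RFB framing; the 32-bit pixel format and function names are assumptions.

```python
import random
import zlib

BPP = 4  # bytes per pixel (assumed 32-bit pixel format)

def flat_rect(w, h):
    """Constructed sample: one solid colour, like an empty desktop area."""
    return bytes([0x20, 0x40, 0x80, 0x00]) * (w * h)

def text_rect(w, h):
    """Constructed sample: alternating light/dark runs, like rendered text."""
    light, dark = b"\xff\xff\xff\x00", b"\x00\x00\x00\x00"
    row = (light * 5 + dark * 3) * (w // 8)
    return row * h

def video_rect(w, h, seed=0):
    """Constructed sample: pseudo-random pixels, like full-screen video."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(w * h * BPP))

def encode(pixels: bytes) -> bytes:
    return zlib.compress(pixels)

def decode(encoded: bytes) -> bytes:
    # There is no key parameter: anyone holding the bytes can decode them.
    return zlib.decompress(encoded)

def compare(w=64, h=64):
    """Return {content: (raw_bytes, encoded_bytes, recovered_without_key)}."""
    samples = {"flat": flat_rect(w, h), "text": text_rect(w, h),
               "video": video_rect(w, h)}
    result = {}
    for name, pixels in samples.items():
        enc = encode(pixels)
        result[name] = (len(pixels), len(enc), decode(enc) == pixels)
    return result

if __name__ == "__main__":
    for name, (raw, enc, recovered) in compare().items():
        print(f"{name:5} raw={raw:6} encoded={enc:6} recovered={recovered}")
```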

Number                    Encoding
0x00000000                Raw
0x00000001                CopyRect
0x00000002                RRE (Rising Rectangle)
0x00000004                CoRRE (Compact Rising Rectangle)
0x00000005                Hextile
0x00000006                Zlib
0x00000007                Tight
0x00000008                ZlibHex
0x00000009                Ultra
0x00000010                ZRLE
0x00000011                ZYWRLE
0xFFFF0001                CacheEnable
0xFFFF0006                XOREnable
0xFFFF8000                ServerState (UltraVNC)
0xFFFF8001                EnableKeepAlive (UltraVNC)
0xFFFF8002                FTProtocolVersion (File Transfer Protocol Version - UltraVNC)
0xFFFFFF00–0xFFFFFF09     CompressLevel (Tight encoding)
0xFFFFFF10                XCursor
0xFFFFFF11                RichCursor
0xFFFFFF18                PointerPos
0xFFFFFF20                LastRect
0xFFFFFF21                NewFBSize
0xFFFFFFE0–0xFFFFFFE9     QualityLevel (Tight encoding)

VNC
  1. Uses a desktop on the client
  2. Is, by default, secure
  3. Displays an image of a server “desktop” on the client
  4. Should never be used on modern computers