Frequent readers of this web page will realise I like to learn how to do things (this is the reason for the long gaps between my posts). I hope readers find this information to be useful… After seeing a member of another club demo it on a smart phone for me, I decided to give it a try myself. Be aware this is only scratching the surface of the topic and it can be a security risk if not implemented safely.
VNC is a way to control one computer with another. It sends screen shots over a network. It also accepts commands sent to it. The end result is a window which duplicates the desktop of the machine being controlled. The only thing is the machine being controlled needs to be on or at least in stand-by mode.
I decided to go with what I could find for free. A big surprise there. 😉 Since Bill insists on a link to the Mac or Apple // world I figured I would start with that. Because of this insistence it turns out I found the simplest way to implement the use of VNC. Thanks Bill. It saved me a lot of headaches.
The first thing to realise is there are two parts to the process. The first is the server side on the host machine and the second is the client on the guest machine. To simplify the mind set, think of the server being placed on the machine to be controlled and the client installed on the controller machine. Only one server is needed but several clients can be run at the same time.
Setting up the server on the Mac is incredibly simple. Incidentally it has been a free part of OS X since 10.4. Since each version of the operating system implements it differently I’ll describe things in general terms. A functional router is needed. The IP addresses can be assigned by DHCP or the machine can have a static IP. This matters more on the server side than it does on the client side. This is because the client needs to know what address it needs to connect with. This can be found by going into the network preference of the server and searching for it. Once the host address is known, go into the sharing preference on the server and turn on screen sharing. Going into the advanced setting here is a good idea too. In my case I set things up so only administrative users can connect with a password which is different from the login password. This is where it can get dangerous. We all know how fast passwords can be cracked. Leaving a host machine on all day is generally not a good idea.
Clients are a little more complex. In this case I picked a Linux client and gave it a try. It took about five minutes figuring out what to do before it worked. The client generally needs three things… The IP address of the server, the login ID, and the password set up in the sharing preferences. Once I managed to get all that worked out things went fairly well. Of course I was connecting on my own LAN instead of coming in from the outside. But that’s another story.
There are a couple of things to watch out for. Not all clients which call themselves VNC clients will work properly. At last nights meeting a member tried to connect with a Windows box only to find the client expected to find a commercial server written by the same company. A lot of the “free” clients on the Mac or Windows platforms are crippled by time or performance issues. Not all software will run properly over VNC. I’ve had issues with DOSBox. The screen froze. The user interface is also slower. When reading an e-book I found a single mouse click on the client occasionally translates to multiple clicks on the server box. Video over the LAN is also slower. They will be jerky on the client side but play normally on the server side. Any sound generated as a result of VNC will be on the server side not the client side. If there are multiple clients connecting to the same server, should one of them decides to logout of the account then everyone is logged out. This is different from disconnecting from the server. If someone disconnects from the server, they can reconnect at a later time.
If implemented in a safe way I can see a lot of advantages. For example a person sitting at one machine can do multiple things on multiple computers at the same time. A friend says he uses a similar program to manage his bittorrent downloads without having to sit in front of the machine in his basement. If a persons workplace has implemented a ban on certain web pages, they can use VNC to have their home computer access them. If the computer can control some devices in the home the homeowner can give the impression they are at home even though they are in a remote location. The reason Microsoft and presumably Apple installed the software was to allow remote access for their “technicians” to fix problems with minimal customer input. If the user has a webcam installed on the server machine they can run the software from a different location. Since the monitor doesn’t have to be on for this to work, all this can be done secretly. While having a computer (or tablet) searched at the border, the agents will find only the software the user has on the machine they have with them. If the files the agents are looking for are on a different machine (which is not visible) they have no reason to seize the users traveling machine.
My personal opinion is this is cool, but insecure, and is minimally useful.