New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Internet, Networking, and Wireless Discussion of networking, internet, and wireless including Apple's Airport products.

vnc, port forwarding


Post Reply New Thread Subscribe

 
Thread Tools
bboyreason

 
Member Since: Sep 29, 2009
Posts: 70
bboyreason is an unknown at this point

bboyreason is offline
i just got a vnc to work locally on my macbook from an ubuntu netbook;
can control the desktop and access stuff fine;
i am wondering if i can access this from other networks?
what would i use as the ip, since i enter 192.168.1.x to get on the macbook from the same network;
would i use the wan ip and some type of port forwarding?
if so, my router asks for the name of a service, eg. AIM, telnet, http, ftp
ideally, i would like to access files on the macbook, but can i also route traffic through my home router to a proxy service or through the macbook via proxy service;
so i can browse anonymously (to a certain extent) from a netbook in, for example, a starbucks through my router at home
QUOTE Thanks
bboyreason

 
Member Since: Sep 29, 2009
Posts: 70
bboyreason is an unknown at this point

bboyreason is offline
come on, has anyone ever set up a VPN at home,
and been able to access from different networks?
QUOTE Thanks
IvanLasston

 
IvanLasston's Avatar
 
Member Since: Feb 26, 2010
Location: Rocky Mountain High, Colorado
Posts: 2,116
IvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to behold
Mac Specs: 1.8 GHz i7 MBA 11" OSX 10.8.2

IvanLasston is offline
VNC is insecure - and if use it over the internet - you'll want to encrypt it by portforwarding through ssh.
Setup a dynamic dns - there are a myriad of ways to do this but most routers support dyndns - then you don't have to worry about knowing the ip address.
DynDNS.com - Services -- Dynamic DNS Free (DDNS) Service

Setup SSH on ubuntu - search the web for securing ssh, ssh and iptables, and denyhosts. Also search for rsa public key - and don't allow password login. Do note that once you open port 22 you will get attacked so that is why these precautions are neccesary.

Then port forward 22 to your ubuntu

You can then ssh tunnel to any port on your internal network. To do vnc the command would look like
ssh -L 5910:192.168.1.2:5900 ivanl@myregistereddomain.dyndns.org
Needs to be capital L - otherwise l means login
5910 is the local port you are forwarding to
192.168.1.2:5900 - the internal ipaddress and port you are forwarding
ivanl would be your login to your ubuntu box
myregistereddomain.dyndns.org is the name you registered with dynamic dns

This is just a high level overview but I'd not recommend doing any of this until you fully understand the security risks involved - which are many.

Opening and forwarding ports is very dangerous especially known ports like VNC, RDC, SSH, etc as there are script attacks setup for pretty much all known ports. SSH is pretty secure but again - search and understand the ways ssh can be attacked.
QUOTE Thanks
bboyreason

 
Member Since: Sep 29, 2009
Posts: 70
bboyreason is an unknown at this point

bboyreason is offline
i am not quite sure of all the risks involved, but the data on the computers is well backed up and i wouldnt care if anyone stole it or i had to do a reinstall;
i think this is a good way of learning the risks involved though;

just to be clear, i am wanting to have my macbook at home (with an ext HD), i have a reserved address for it on the network (192.168.1.x) which otherwise is using DHCP;
i read some about setting up ssh, but dont i need to set it up on the macbook as well and forward to the port on this machine?
i thought i would need to forward to the machine at home?
or have i got it backwards?
thanks for the great post, i think with this info it is now just a matter of time before i can leave my mac out of harms way and travel with a cheap netbook with free open source software

edit: btw i set up an account with no-ip.org, so they are providing a static ip that refers to my sometimes changing ip from provider? do i need to correspond any port forwarding to this service, or just to the macbook? or to the netbook (although i dont see how, unless i specify by MACaddress, because the netbook would have different IP depending on where i was)
QUOTE Thanks
IvanLasston

 
IvanLasston's Avatar
 
Member Since: Feb 26, 2010
Location: Rocky Mountain High, Colorado
Posts: 2,116
IvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to behold
Mac Specs: 1.8 GHz i7 MBA 11" OSX 10.8.2

IvanLasston is offline
Sorry I misunderstood your setup.

Also let me say - I am very serious about network security. You might think why bother no one is going after me. As I said once you start opening ports to the internet there are scripts ready to attack. Your machines can be made zombies, your email could get hacked and get blacklisted, hence making that email useless. If there is any information available you could become a victim of identity theft - it doesn't take much data to take your identity, open credit cards, take loans in your name, etc. So you should care if someone gets into your network. Do you ever buy anything online? Do you ever bank online? Do you ever do taxes online? If the answer is ever yes then you should care. But I digress...

The high level view of what I described is this.
remote client <->(internet)<->ssh server <-> any port, any computer inside the network

I'll pirate an image from the web



That being said you can port forward the server's ports as well - which I do quite often. As long as the server has an ssh-server on it (which the mac does) you can set this up.

The no-ip setup is just so you can point to an easy to remember site name instead of an ip address. It serves the same function as the dyndns I suggested. So once it is pointing to your network there isn't anything you need to do for no-ip - it is a passthrough more or less. Just remember to have a script or something that updates the IP every now and then. The reason I use dyndns is most routers including mine have a built in setup for dyndns. So as an example I want to ssh to my machine. I registered imcool.noip.com - I port forward and open port 22 to my ssh server (in your case the mac) All I'd have to do is ssh imcool.noip.com and I am sshing to the mac. So on top of being able to port forward ssh to any machine internal of my network, I can also use ssh to copy, move, etc files to and from the ssh server. Cyberduck with sftp - can use scp.
Cyberduck | FTP, SFTP, WebDAV, Cloud Files & Amazon S3 Browser for Mac OS X | About
So again I just point cyberduck to imcool.noip.com - and it opens a window that lets me browse my ssh server.
QUOTE Thanks
bboyreason

 
Member Since: Sep 29, 2009
Posts: 70
bboyreason is an unknown at this point

bboyreason is offline
i will do more research on the vulnerabilities of what i set up, but dont i need to type the admin password to do anything significant as of 10.5.8?
like to install a keylogger program, for example, on the macbook, even if they access the machine remotely, dont they need physical access or admin password to install any executable?
if its a more complicated issue, i will be doing some long term reading, i got "the network self-teaching guide" which has commonly used protocols like ssh;
is there a specific resource you would point me towards?

thanks for the clear instructions
QUOTE Thanks
Collin Bl

 
Collin Bl's Avatar
 
Member Since: Apr 07, 2009
Location: Napier NZ
Posts: 3,281
Collin Bl is a jewel in the roughCollin Bl is a jewel in the roughCollin Bl is a jewel in the rough
Mac Specs: 27 iMac i5, MBP 13 & iMac 20, 2TB dual TC, AppleTV, iPh4S

Collin Bl is offline
Or if want to have look here it may be of interest Take Control of Back to My Mac
QUOTE Thanks
IvanLasston

 
IvanLasston's Avatar
 
Member Since: Feb 26, 2010
Location: Rocky Mountain High, Colorado
Posts: 2,116
IvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to beholdIvanLasston is a splendid one to behold
Mac Specs: 1.8 GHz i7 MBA 11" OSX 10.8.2

IvanLasston is offline
Oh yeah Occam's razor - if all you really want to do is transfer files from your mac and control it remotely try team viewer
TeamViewer - Free Remote Access and Remote Desktop Sharing over the Internet
free for personal use. Has a built in file transfer and remote desktop viewing/sharing. Very easy and it is cross platform between mac and windows - now if you have linux that is an issue.
QUOTE Thanks

Post Reply New Thread Subscribe


« Time Capsule Connection Problem | Airport express doesnt connect to internet(adsl) »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Double Routers & Port Forwarding herovijay Internet, Networking, and Wireless 11 05-19-2011 07:10 PM
Port Forwarding: I don't know what's going wrong?! Jakebert Internet, Networking, and Wireless 1 02-14-2010 06:46 PM
AirPort Extreme --> Port Forwarding 4 NAS letsdabble Internet, Networking, and Wireless 6 01-19-2010 12:58 AM
Port forwarding with airport express? Goldex Internet, Networking, and Wireless 0 08-09-2009 07:46 AM
Port Forwarding Through airport and router Lordd Internet, Networking, and Wireless 3 04-06-2005 04:31 PM

All times are GMT -4. The time now is 03:50 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?