Remote Desktop & VNC security

I recently set up my G5 so it would be remotely accessible from my iBook. I followed an article in the May 2007 issue of MacWorld and everything works great.
I have seen some posts lately about people having their Macs accessed by "brute force" and that entry seemed to be gained by way of VNC.
I am set up so that I have to access the G5 by SSH using the terminal and then I use Chicken of the VNC to operate the G5 from the iBook.
I guess my question is, how much risk am I taking by allowing my G5 to be accessed through VNC?

The original poster has withdrawn the question for lack of response

Similar Messages

  • Remote Desktop Connection Security

    I have several computers in very geographically distributed areas of the world on their own networks behind substantial firewalls. Remote desktop connectivity is about the only really effective means to communicate with them however, short of VPN appliances
    BorderGuards, etc. I have been ask by my security officer if the remote desktop connections we've been using have been encrypted? I didn't know the answer myself, and research on the internet didn't provide definitive answers. Was there a chance or is
    there a chance that our session traffic could have been read by anyone along the way?
    VR/JW--Sunblock1960

    Hi,
    Remote desktop connection uses the highest possible security level encryption method between the source and destination.
    In Windows Vista or later versions of Windows, the remote desktop connection uses the SSL (TLS 1.0) Protocol and the encryption is Certificate-based.
    TS Gateway can also make the connection more secure, enhance security, see detailed information in this link
    http://technet.microsoft.com/en-us/library/cc731264(WS.10).aspx
    Don't forget some known offical antii-virus software, they can also protect the connetion from network attack.
    Yolanda Zhu
    TechNet Community Support

  • Apple Remote Desktop, VNC, and port 5900 LAN weirdness

    Hi all,
    I am trying to share screens with a Mac Mini running ARD in OS X 10.3.9 over a LAN from my Macbook Pro (10.4.11). I have an Airport Extreme base station (7.2.1). The Mini is connected to the base station via wired Ethernet cable, the Macbook is wireless.
    I'm using Chicken of the VNC (2.0b4) on the MacBook, but I can't get anything but Connection Refused.
    * The software firewall on the mini is off (I'm behind NAT)
    * I've turned on ARD in the Sharing prefs control panel, set up the users and checked all the "allow" checkboxes (and restarting the mini)
    * I've tried connecting to port 5900, 5901, and 3283
    * I've tried enabling port mapping on the Airport (which seems crazy, since this is all happening within the LAN)
    I can SSH to the mini just fine from the Macbook. Using NetUtility, I can ping it, traceroute to it, you name it.
    The only weird thing that I can find is that when I do a Port Scan on the Mini, it never returns port 5900 as open (which it seems like it should). Other ports return as open.
    I've Googled my brains out looking for answers on this, and the best info that I can find points toward a network config. problem. But if that's the case, why can I SSH okay?
    And yes...I could upgrade to Leopard on the MacBook. Or install OSXvnc on the Mini. But I can't see why I wouldn't have exactly the same problem. And, dadgum it, this should work!
    I'm totally stumped (and have a sneaking suspicion that I'm missing something obvious). If anyone can shed light on this, or point me at a resource, I'd be very grateful.
    thanks,
    c

    Thanks to the folks at macosxhints.com, I have discovered that ARD in OS X 10.3.x doesn't support VNC connections.

  • Apple Remote Desktop 3.7.1 lag problem

    Hello,
    Since updating to Apple Remote Desktop 3.7.0, I have had this problem. I just updated to 3.7.1 and the problem is still occuring.
    I am using RealVNC Viewer 5.0.6 Windows 64bit on a Windows 7 machine to connect to my Mac through Apple Remote Desktop VNC.
    It's tricky to describe the problem, but I'll do my best:
    Remote desktop is quick and responsive (I'm using it over an internal network)... Except for the last frame of any sequence of frames. For example, if I scroll a window quickly, the intermediate frames showing the scrolling come through quickly... But the last frame that my screen settles on takes up to a full second before it comes through.
    You can reproduce this problem most easily by opening up a terminal, typing a command, then pressing return. Or, press return multiple times in rapid succession: The first few returns come through fast, but the last one always comes through slow, up to a full second later.
    I never had this problem before the 3.7.0 update. Any progress on fixing this issue?
    Thanks,
    Allen

    I agree the new Remote Desktop 3.7.1 is very laggy. All my machine are up to date with patch, same issue..
    Gary

  • Can I use Remote Desktop Connection (windows server 2008) even if no user is logged in?

    I'm configuring a Server, running Windows Server 2008, to be accessed remotely. Suppose no user is logged in in the server (if it was just turned
    on, for instance). Can I use the "Remote Desktop Connection" feature to log in remotely in this case? Or is it always necessary to have a user locally logged in, to remotely log in to one of the users available?

    If its a fresh installation, RDM might not work at first.
    1. You need to check firewall and allow Remote Desktop. To be specific, communication to port 3389 TCP
    2. Right click My Computer --> Properties --> Remote tab
    Enable Remote Desktop
    Allow connections to this computer
    Click users and grant the permissions for the users. By default, Administrators do have the permission. An also, the users who are members of the 'Remote Desktop Users' security group also have the permission

  • Allow log on through Remote Desktop Services Group Policy for Domain Controllers

    Hello,
    We want to allow our Helpdesk Operators to be able to connect to Domain Controllers with the Remote Desktop Services. This is by default not allowed but according to many sites, it should be able to configure by using a Group Policy.
    We made a new Group Policy with the setting 'Allow log on through Remote Desktop Services' and 'Allow log on locally' (as an extra for testing) and applied Security Filtering to only use it for a specific Security Group. Our test user is a member of this
    security group and should be able to access the Domain Controllers now. However this isn't working.
    The error message we receive upon trying to connect:
    The connection was denied because the user account is not authorized for remote login.
    For troubleshooting, we also applied the Security Group for that setting in the Default Domain Controllers Policy but that doesn't seem to work either. We want to avoid customization on our Default Domain Controllers Policy but this was just a test case
    for solving our problem.
    What should we do to solve our problem?
    I hope to hear from you soon.
    Thanks in advance.

    Hi, I just found out what the problem was. This site helped me alot:
    http://blogs.technet.com/b/askperf/archive/2011/09/09/allow-logon-through-terminal-services-group-policy-and-remote-desktop-users-group.aspx
    In my case, I had the group added to the Allow Logon Through Remote Desktop Services but was not added to the Builtin\Remote Desktop Users group. After knowing this I made some changes to our situation and are now using the builtin\Remote Desktop Users group
    rather than a new self made Security Group. I also added the Remote Desktop Users to the Allow Logon Through Remote Desktop Service in the Default Domain Controllers Policy as this is not done by default. By default only the Domain Administrators are able
    to logon through remote desktop services.
    You do not need the 'Log on Locally' permission within the Group Policies.
    In short:
    Add the desired users/groups to the 'Builtin\Remote Desktop Users' security group.
    Add the 'Builtin\Remote Desktop Users' security group to the 'Allow Logon Through Remote Desktop Services' within the 'Default Domain Controllers Policy'.
    Thank you anyway for the fast reply.
    Have a nice day!

  • Remote Desktop - not running/no listener on port 3389

    Hello,
    I have a problem with RDS (Remote Desktop) on a Windows 7 machine. It worked fine for the past 2 years.
    Error: The computer can’t connect to the remote computer.
    First I checked some settings:
    RDP enabled (also tried to disable, reboot en then enable)
    Registry: fEnableWinStation (1)
    Firewall is disabled
    RDP / RDS services are running
    Problem:
    RDP/RDS is not listening
    “qwinsta” command: rdp-tcp is not listed
    “netstat –an” command: no listener on port 3389
    (rdp is configured to use the default port, 3389)
    I also checked the “RDP Winstation driver” and the “Remote Desktop Services Security Filter Driver”.
    Statup type: Demand
    Problem: Both are NOT started.
    When I start them manually, or set the startup type to “boot” and then reboot
    the drivers will start, but it makes no difference. Still not listening on 3389.
    Does someone know a solution besides reinstall the OS.
    Thanks.

    Hi,
    Firstly, I would like to check when did this issue happen? Whether you have tried installed some software or updates?
    Meanwhile, please try to perform a
    system restore to check the result.
    Also check the server settings, here is a similar thread:
    Terminal Services/ Remote Desktop not working 
    Hope this helps.
    Vincent Wang
    TechNet Community Support
    Have you tried this?
    Regards
    Vincent Wang
    TechNet Community Support

  • Remote Desktop Connection 8.1.4 - RemoteApp not working

    Hi,
    I recently setup RemoteApp on our Terminal Server (2008 R2).  - For rolling out IE and a terminal application to our sales team.
    Initial setup worked fine, then all of a sudden it stopped working (after about an hour).  This was originally using 8.1.3 version of the client, so I updated to 8.1.4 and the problem still exists.
    The error I'm getting currently is: "The publishing server has encountered and error, please try again"
    All event logs show everything to be fine. Here's some of the things I have tried:
    Disabling NTLMv1 on the Terminal Server
    Selecting "Bypass gateway for local addresses" and unselecting this.
    Deleting RemoteApp applications and readding
    Restating the gateway service
    Restating the Terminal Server
    It appears a lot of other people have the same, or similar issues.  - I'm not sure why MS doesn't just roll back to a stable release (it's what all other companies do if a release goes bad).
    Anyway, here's hoping you guys can help.
    Thanks,
    Lee

    Hi Lee,
    Thank you for posting in Windows Server Forum.
    Have you try to use the option “Allow connections from computers running any version of Remote Desktop (less secure)” and verify whether you are facing same issue. For further update, I will forward your concern to the product group.
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Enabling remote desktop access to a simple windows 2012 datacenter edition server

    Hi,
    I am a complete noob to server administration. I installed a windows 2012 server initially as a workgroup. All i need is to enable a user to remotely access my server(using remote desktop). The firewall that I use is Gibraltar.
    I read that to enable remote desktop services my server has to be part of a domain. So i promoted my server to a domain name controller. Using active directoty I added a user to the domain. I also read that to make remote desktop more secure, I have to request
    the user to login through a VPN. 
    Now here is where I am completely lost. Do i really need to move my server to a domain, if the user just wants access to this server and nothing else? Should i restrict remote desktop access only through VPN
    and if so, how can i do that? Further, the server dashboard gives me notifications about 'remote desktop licensing' not configured. We got the software as a campus licensing and I am not sure how to configure the remote license server. Any opinions are highly
    appreciated.

    If you're just trying to setup this to allow administration access then I don't believe you need it to be a member of a domain. There's a difference between allowing remote desktop access for administration, and setting up full terminal services access for
    multiple users. The latter requires a lot more work and licensing unlike the former.
    To simply allow admin access, open an explorer window and right click on Computer, then select properties. In the System window that appears, click Remote settings on the left. Now in the bottom half of the window select "Allow remote connections to this
    computer" and leave the option requiring NLA in place. Click Select Users..., you'll see that the administrator user already has permissions to connect, so if you're only planning to connect with that then you're finished, otherwise find those users you
    want to grant access.

  • Remote Desktop and the various VNCs

    I've used VNC and Remote Desktop on Windows for a while and love them dearly. I was ecstatic when I picked up my mini in August and found that Tiger's ARD included VNC support.
    But it's driving me up the bloody wall.
    My laptop is a windows machine, so I've used VNC and TightVNC to connect to it. TightVNC is much faster but either one will eventually choke and then I can't reconnect until I physically disable/enable remote desktop access on the Mac.
    Are any companies out there developing a true windows client? Past research has shown zip in that regard, but it would be wonderful to have accelerated desktop access.
    Fingers crossed

    Hi Rafael,
    Thanks for the reply. I've decided to go that route as well. With Hamachi ( www.hamachi.cc ) coming out for the Mac shortly (console version just came out, GUI version coming soon) it will make for secure sessions that anyone in the family can use. I won't even dare try to explain SSH to family members.
    I'd still love to see an Aqua-accelerated remote desktop solution that runs on Windows though.

  • Server 2012 R2 Remote Desktop Gateway. Most Simple and Secure Design For Small Environment?

    We would like users to be able to connect remotely over the Internet from their personal devices to their primary Windows 7 workstation (a physical box on their desk) by using the Microsoft RDP Client For Windows, Mac, iOS and Android.  There is no
    plan to use RDWeb or Remote Apps, or VDI.  Just plain remote access to their desktop PC without VPN plus a third party 2nd factor authentication product that can text them back a code to enter with their AD credentials (AuthAnvil or Duosecurity)
    We do not have TMG or ISA.
    We would like to get these services all running in a single server and be as simple as possible while still being very secure.
    The recommendations I see seem to suggest putting the RDG in a DMZ with either a domain controller on a new domain with a one-way trust to your internal domain or else a read-only domain controller on your domain and then RD Session Host and License server
    located on different servers on your internal LAN.
    http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment-in-a-perimeter-network-firewall-rules.aspx
    That sounds like a lot of separate servers and cost for not a lot of users in our environment.
    Do we even need a separate session host server if there are no RDP sessions being hosted directly on the servers because  the users are only being redirected to connect to their workstations and will never be using terminal sessions on the server?
    Can the RODC or the Domain controller on new domain with the one-way trust be the same server as the Remote Desktop Gateway server and not separate servers?
    What is the most minimalist way to set this up with good security when opening all the ports needed to authenticate with internal DC is not secure enough?

    #2 sounds like we would need 2 Essentials servers and we will not have that.
    We currently have Server 2008 R2 and have 2012 Standard licenses that are not yet used.
    We have much more than 75 users total, but 75 is more than the number of users that will probably take advantage of using RD Gateway any time soon.  It will probably take time to catch on.
    If RD Gateway usage was to get super popular and more than 75 users were depending on access to it, then we could financially justify paying to buy all the CALs needed to run RD Gateway without Essentials.  Right now, they are skeptical that it will
    be worth spending much money on this and don't want to invest a lot  of money up front.
    My understanding is that if we have 75 or fewer users using RD Gateway then we need to by no CALs, just apply a Server Standard Edition License to the server, but if we had 76, we would need to turn off Essentials and buy 76 new CALs.
    Or would we need to add 50 CALs to the 25 that automatically come with Essentials?
    Also does "turning off" Essentials mean we would have to reinstall and redeploy the RDG or is it just a matter of enabling the RD license server and adding purchased CALs?
    No, when you buy essentials you get the right to create 25 users that access the server, when you create the 26th user you will need to have 26 CAL and RDS CAL. 

  • Remote desktop (and VNC) show black screen

    I am using Remote Desktop (or VNC) on a 10.6 laptop to access my 10.6 Mac Pro at work. The desktop Mac is up and awake because I can connect to it by SFTP and pull down files. But when I make a Remote Desktop connection, all I see is a black screen and no password window (to break through the screensaver, as usually happens). This used to work just fine - I don't know what changed. How do I diagnose and/or fix this - why isn't my remote access working?  (btw, I don't know if this matters, but I have 4 monitors on this Desktop Mac Pro, although it used to work just fine).

    Hi,
    Please make sure you have installed the correct NIC drivers for your RDS server and PC, and checking the switches, setting the speed of NIC's to auto might help you to solve the problem.
    You can also check the following items:
    Please try lower screen(no full screen) resolution in Remote Desktop Connection to see whether this issue still exists.
    Disable the use of "Bitmap Caching" on the RDP client.
    Verity that the server, client and the network equipment using the "MTU" size.
    More information:
    A black screen may appear while logon by using remote desktop
    http://support.microsoft.com/kb/555840
    Technology changes life……

  • Remote desktop connection blocked by cisco security agent

    Hi,
    I have a deployment of a Management Center for Cisco Security Agents 6.0.2 and i just noticed that the agent is blocking the remote desktop connection to the hosts, the agent installed on the server shows me the event but i'm not able to see it logged on the Management Center (i can see logged any other events), i'm not sure what rule should i enable in order to allow this connection.
    Do you have any ideas???
    Thanks in advance...

    Hi,
    Remote desktop connection uses the highest possible security level encryption method between the source and destination.
    In Windows Vista or later versions of Windows, the remote desktop connection uses the SSL (TLS 1.0) Protocol and the encryption is Certificate-based.
    TS Gateway can also make the connection more secure, enhance security, see detailed information in this link
    http://technet.microsoft.com/en-us/library/cc731264(WS.10).aspx
    Don't forget some known offical antii-virus software, they can also protect the connetion from network attack.
    Yolanda Zhu
    TechNet Community Support

  • Remote Desktop disconnected because of security error from Windows 8.1 Surface to Server 2008

    Hello,
    I am trying
    to connect to a remote app on a 2008 server from a surface pro 3 with 8.1
    through Netilla SSL VPN and I getting the following error message.
    Remote Desktop Disconnected
    Because of a security error, the client could not connect to the remote computer Verify that you are logged on to the network and then try connection again
    if I am connected to the network and use the RDP file, it connects fine.
    This
    was previosluly working, but when I changed the terminal server to per user
    license mode from trial mode this happen
    This works fine from Windows 7 machines.<o:p></o:p>
    Any ideas?
    Thanks,
    Derek

    Hi Derek,
    Thank you for posting in Windows Server Forum.
    From the error itself it seems that there is some network connection issue with VPN. Kindly see that you get network when you are using VPN connection, also VPN must be running. You can also try to “ping” the remote computer and see whether there is successful
    ping result.
    Also try to use “Allow connections from computers running any version of Remote Desktop” option on server side and check whether you can remote desktop successfully. 
    Apart this issue can also be caused due to certificate as VPN can’t resolve the certificate properly and facing this issue because you are facing issue only with usage of VPN (as you have commented). Please check
    this link for detail.
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • NULL SID Security Log Event ID 4625 when attempting logon to 2008 R2 Remote Desktop Session Host

    This is a new deployment of Server 2008 R2 in a newly created 08 R2 active directory on a newlyt installed 08 R2 RDSH server.
    A new generic user is created in AD. That user can log on to the terminal server on the console just fine. But that user cannot logon via RDP. Furthermore, the domain admin credentials also cannot logon via RDP.
    When either set of credentials is used, the logon attempt registered in the Windows Security Even Log as a denied attempt with Event ID 4625 reporting a NULL SID.
    Troubleshooting: The RDSH has already been disjoined and rejoined to the domain. Also, curious note, there are three ways to save the user account on the RDSH server as a valid user account which has permissions to logon. The one Microsoft recommends is to open computer management and edit the remote desktop users group. When I the accounts here and click apply, they immediately dissapear. Secondly, I can open the computer properties and go to the remote tab. There I find the user accounts added using the previous method are enumerated but not displaying correctly. They show up with the RDSH server name and a question mark. The last way, is to open the Remote Desktop Session Configuration tool and edit the properties of the rdp connection and go to the security tab. This was the only place I could get a user to ‘stick’ but the logon attempts still show a NULL SID and access is denied.
    I have scoured every bit of RDS documenation I can find with no luck.
    Thanks,
    Chris

    I am also experiencing this issue. 
    2008 servers, 2007 exchange on server 2008. 
    These are fresh servers, fresh AD. Users can log onto domain normally, RDP not working for admin accounts, generating same errors as posted above.
    The bigger issue, is that we have a cisco messaging service account that is generating this error on the DC's and the Exchange server as well. The service basically emails users voicemails to their inbox. The user we've created for the cisco service is unable
    to authenticate to the exchange server, in turn generating the same errors posted above as well. We can log on to the domain with this account just fine. 
    Any ideas on this? We have not tried re-adding the servers to the domain. 
    Log Name:      Security
    Source:        Microsoft-Windows-Security-Auditing
    Date:          5/5/2010 9:01:13 AM
    Event ID:      4625
    Task Category: Logon
    Level:         Information
    Keywords:      Audit Failure
    User:          N/A
    Computer:      xx.corp
    Description:
    An account failed to log on.
    Subject:
    Security ID:                         NULL SID
                    Account Name:                 -
                    Account Domain:                             -
                    Logon ID:                             0x0
    Logon Type:                                       3
    Account For Which Logon Failed:
                    Security ID:                         NULL SID
                    Account Name:                
    xxxx
                    Account Domain:                            
    xxxx
    Failure Information:
                    Failure Reason:                 Domain sid inconsistent.
                    Status:                                  0xc000006d
                    Sub Status:                         0xc000019b
    Process Information:
                    Caller Process ID:             0x0
                    Caller Process Name:     -
    Network Information:
                    Workstation Name:        laptop
                    Source Network Address:            -
                    Source Port:                       -
    Detailed Authentication Information:
                    Logon Process:                  NtLmSsp 
                    Authentication Package:               NTLM
                    Transited Services:          -
                    Package Name (NTLM only):       -
                    Key Length:                        0

Maybe you are looking for

  • Mailbox Move Problem

    Hi, I need mailbox move between 2 exchange 2013 mailbox server. But we receive an error message and failed job. Status datail StalledDueToWriteUnknown. how to correct this problem ? thank you. New-MoveRequest -Identity "user1" -TargetDatabase "Mailbo

  • Business Graphics Problem

    I am working with business graphics in WebDynpro.  I have created an application step by step with a tutorial I found in NWDS.  When I run it,  it gives a page with a colorful image saying "Graphics Rendering Problem".  I also ran a sample WebDynpro

  • Change the Language on Quicktime Software

    Hi, I have a Italian Windows but want to have my Quicktime Pro in German or English. Although I have downloaded the installer from the US and German Apple Site I still have the Quicktime Player in a italian version, does someboby know how to change t

  • Loop auditions correctly but doesn't play correctly in Logic project

    I've found this particular loop, "Euro Move Synth 3" play correctly when I audition it but as soon as i drag it over into a project, the file will not play as auditioned. I've tried deleting the loop and reinstalling and creating new projects. Using

  • How I can to setup Raid 0 in the Pavilion dv7 6b04er?

    Hi! Subject. Thank you!