Bozteck VNCScan Support Center
|
Overview
You can enable and disable access to the VNC server by restricting IP subnets in addition to the existing server password protection. This prevents people that are not on your network from attempting brute force attacks on your VNC servers. This feature works best when you standardize on UltraVNC.
We will start by adding an entry that will block every IP address from accessing our servers. We will follow with another entry that will allow only our own subnet to access the network and then another that will allow a different subnet access but will alert the user of the computers before and allow them to reject the connection.
How It's Done
- Start by creating a new deployment profile. One way to do this is to click on the
 toolbar button.
- Create a new deployment profile or edit an existing one that is based upon the 'Ultra' flavor of VNC.
- You come to a screen with the 'Authorized Hosts' option that you see below.
- Deny All: Click the Add button to add a subnet. You will see the window below open up:
- Click on the Deny button and leave the text box blank. This tells the server to deny any connection to it from any address. The next couple of steps will partially override this setting to allow certain subnets access.
Click the OK button
- Allow Some: Follow step 3 again to set another host mask and this time, click Allow and put in the first part of your subnet that you want to allow access to the servers.
For example, if your network is numbered 192.168.0.1 through 102.168.0.255 and you want to allow all of them, then just enter 192.168.0 and hit OK.
- Question Some: Now, we want to add a subnet of helpdesk people so that they can also remote control computers but we want the end users to know if they are attempting to do so. We will create a rule that will query if a connection request comes from their subnet of 192.168.1.X:
- Now, our screen looks like this and our objectives have been completed:
|
