VNC

Last updated
Virtual Network Computing logo Virtual Network Computing (logo).svg
Virtual Network Computing logo
VNC in KDE 3.1 VNC in KDE.png
VNC in KDE 3.1

VNC (Virtual Network Computing) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse input from one computer to another, relaying the graphical-screen updates, over a network. [1] Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.

Contents

VNC is platform-independent, with clients and servers for many GUI-based operating systems and for Java. Multiple clients may connect to a VNC server at the same time. There are a number of variants of VNC [2] which offer their own particular functionality; e.g., some optimised for Microsoft Windows, or offering file transfer (not part of VNC proper), etc. Many are compatible (without their added features) with VNC proper in the sense that a viewer of one flavour can connect with a server of another; others are based on VNC code but not compatible with standard VNC.

VNC was originally developed at the Olivetti & Oracle Research Lab in Cambridge, United Kingdom, whose developers subsequently created RealVNC Ltd and claimed VNC and RFB as registered trademarks in the US and some other countries. The original VNC source code and many modern derivatives are open source under the GNU General Public License.

History

The Olivetti & Oracle Research Lab (ORL) [3] at Cambridge in the UK developed VNC at a time when Olivetti and Oracle Corporation owned the lab. Developers who worked on VNC while at the AT&T Research Lab include Tristan Richardson (inventor), Andy Harter (project leader), Quentin Stafford-Fraser, James Weatherall and Andy Hopper. [4] The name Virtual Network Computer/Computing (VNC) originated with ORL's work on a thin client called the Videotile, which also used the RFB protocol. The Videotile had an LCD display with pen input and a fast ATM connection to the network. At the time, network computer was commonly used as a synonym for a thin client; VNC is essentially a software-only (i.e. virtual) network computer.[ citation needed ]

In 1999, AT&T acquired the lab, and in 2002 closed down the lab's research efforts. Following this, several members of the development team (including Richardson, Harter, Weatherall and Hopper) formed RealVNC in order to continue working on open-source and commercial VNC software under that name. As of 2013, RealVNC Ltd claims the term "VNC" as a registered trademark in the United States and in other countries. [5]

The original GPLed source code has fed into several other versions of VNC. Such forking has not led to compatibility problems because the RFB protocol is designed to be extensible. VNC clients and servers negotiate their capabilities with handshaking in order to use the most appropriate options supported at both ends.

Design and operation

The VNC server is the program on the machine that shares some screen (and may not be related to a physical display: the server can be "headless"), and allows the client to share control of it. The VNC client (or viewer) is the program that represents the screen data originating from the server, receives updates from it, and presumably controls it by informing the server of collected local input. The VNC protocol (RFB protocol) is very simple, based on transmitting one graphic primitive from server to client ("Put a rectangle of pixel data at the specified X,Y position") and event messages from client to server.

In the normal method of operation a viewer connects to a port on the server (default port: 5900). Alternatively (depending on the implementation) a browser can connect to the server (default port: 5800). And a server can connect to a viewer in "listening mode" on port 5500. One advantage of listening mode is that the server site does not have to configure its firewall to allow access on port 5900 (or 5800); the duty is on the viewer, which is useful if the server site has no computer expertise and the viewer user is more knowledgeable.

The server sends small rectangles of the framebuffer to the client. In its simplest form, the VNC protocol can use a lot of bandwidth, so various methods have been devised to reduce the communication overhead. For example, there are various encodings (methods to determine the most efficient way to transfer these rectangles). The VNC protocol allows the client and server to negotiate which encoding they will use. The simplest encoding, supported by all clients and servers, is raw encoding, which sends pixel data in left-to-right scanline order, and after the original full screen has been transmitted, transfers only rectangles that change. This encoding works very well if only a small portion of the screen changes from one frame to the next (as when a mouse pointer moves across a desktop, or when text is written at the cursor), but bandwidth demands get very high if a lot of pixels change at the same time (such as when scrolling a window or viewing full-screen video).

VNC by default uses TCP port 5900+N, [6] [7] where N is the display number (usually :0 for a physical display). Several implementations also start a basic HTTP server on port 5800+N to provide a VNC viewer as a Java applet, allowing easy connection through any Java-enabled web-browser. Different port assignments can be used as long as both client and server are configured accordingly. A HTML5 VNC client implementation for modern browsers (no plugins required) exists too. [8]

Although possible even on low bandwidth, using VNC over the Internet is facilitated if the user has a broadband connection at both ends. However, it may require advanced network address translation (NAT), firewall and router configuration such as port forwarding in order for the connection to go through. Users may establish communication through virtual private network (VPN) technologies to ease usage over the Internet, or as a LAN connection if VPN is used as a proxy, or through a VNC repeater (useful in presence of a NAT). [9] [10]

In addition, the display that is served by VNC is not necessarily the same display seen by a user on the server. On Unix/Linux computers that support multiple simultaneous X11 sessions, VNC may be set to serve a particular existing X11 session, or to start one of its own. It is also possible to run multiple VNC sessions from the same computer. On Microsoft Windows the VNC session served is always the current user session.[ citation needed ]

In July 2014 RealVNC published a Wayland developer preview. [11] [12]

Security

By default, RFB is not a secure protocol. While passwords are not sent in plain-text (as in telnet), cracking could prove successful if both the encryption key and encoded password were sniffed from a network. For this reason it is recommended that a password of at least 8 characters be used. On the other hand, there is also an 8-character limit on some versions of VNC; if a password is sent exceeding 8 characters, the excess characters are removed and the truncated string is compared to the password.

UltraVNC supports the use of an open-source encryption plugin which encrypts the entire VNC session including password authentication and data transfer. It also allows authentication to be performed based on NTLM and Active Directory user accounts. However, use of such encryption plugins makes it incompatible with other VNC programs. RealVNC offers high-strength AES encryption as part of its commercial package, along with integration with Active Directory. Workspot released AES encryption patches for VNC. According to TightVNC, [13] TightVNC is not secure as picture data is transmitted without encryption. To circumvent this, it should be tunneled through an SSH connection (see below).

VNC may be tunneled over an SSH or VPN connection which would add an extra security layer with stronger encryption.[ citation needed ]

An additional security concern for the use of VNC is to check whether the version used requires authorization from the remote computer owner before someone takes control of their device. This will avoid the situation where the owner of the computer accessed realizes there is someone in control of their device without previous notice.[ original research? ]

Implementations

Xvnc is the Unix VNC server, which is based on a standard X server. To applications, Xvnc appears as an X "server" (i.e., it displays client windows), and to remote VNC users it is a VNC server. Applications can display themselves on Xvnc as if it were a normal X display, but they will appear on any connected VNC viewers rather than on a physical screen. [14] Alternatively, a machine (which may be a workstation or a network server) with screen, keyboard, and mouse can be set up to boot and run the VNC server as a service or daemon, then the screen, keyboard, and mouse can be removed and the machine stored in an out-of-the way location.

Users commonly deploy VNC as a cross-platform remote desktop system. For example, Apple Remote Desktop for Mac OS X (and "Back to My Mac" in versions 10.5 through 10.13) interoperates with VNC and will connect to a Unix user's current desktop if it is served with x11vnc, or to a separate X11 session if one is served with TightVNC. From Unix, TightVNC will connect to a Mac OS X session served by Apple Remote Desktop if the VNC option is enabled, or to a VNC server running on Microsoft Windows. [15]

Other programs or software libraries which implement VNC include Krfb, Libvncserver, PocketVNC, Remmina, TigerVNC, TightVNC, VirtualGL, and Vinagre.

See also

Related Research Articles

<span class="mw-page-title-main">X Window System</span> Windowing system for bitmap displays on UNIX-like systems

The X Window System is a windowing system for bitmap displays, common on Unix-like operating systems.

TightVNC is a free and open-source remote desktop software server and client application for Linux and Windows. A server for macOS is available under a commercial source code license only, without SDK or binary version provided. Constantin Kaplinsky developed TightVNC, using and extending the RFB protocol of Virtual Network Computing (VNC) to allow end-users to control another computer's screen remotely.

RealVNC is a company that provides remote access software. Their VNC Connect software consists of a server and client application, which exchange data over the RFB protocol to allow the Viewer to control the Server's screen remotely. The application is used, for example, by IT support engineers to provide helpdesk services to remote users.

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft Corporation which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.

RFB is an open simple protocol for remote access to graphical user interfaces. Because it works at the framebuffer level it is applicable to all windowing systems and applications, including Microsoft Windows, macOS, the X Window System and Wayland. RFB is the protocol used in Virtual Network Computing (VNC) and its derivatives.

x11vnc is a Virtual Network Computing (VNC) server program. It allows remote access from a remote client to a computer hosting an X Window session and the x11vnc software, continuously polling the X server's frame buffer for changes. This allows the user to control their X11 desktop from a remote computer either on the user's own network, or from over the Internet as if the user were sitting in front of it. x11vnc can also poll non-X11 frame buffer devices, such as webcams or TV tuner cards, iPAQ, Neuros OSD, the Linux console, and the Mac OS X graphics display. x11vnc is part of the LibVNCServer project and is free software available under the GNU General Public License. x11vnc was written by Karl Runge.

<span class="mw-page-title-main">X display manager</span>

In the X Window System, a X display manager is a graphical login manager which starts a login session on a X server from the same or another computer.

Remote administration refers to any method of controlling a computer or other Internet-connected device, such as a smartphone, from a remote location. There are many commercially available and free-to-use software that make remote administration easy to set up and use. Remote administration is often used when it's difficult or impractical to be physically near a system in order to use it or troubleshoot it. Many server administrators also use remote administration to control the servers around the world at remote locations. It is also used by companies and corporations to improve overall productivity as well as promote remote work. It may also refer to both legal and illegal remote administration.

<span class="mw-page-title-main">Apple Remote Desktop</span> Application by Apple

Apple Remote Desktop (ARD) is a Macintosh application produced by Apple Inc., first released on March 14, 2002, that replaced a similar product called Apple Network Assistant. Aimed at computer administrators responsible for large numbers of computers and teachers who need to assist individuals or perform group demonstrations, Apple Remote Desktop allows users to remotely control or monitor other computers over a network. Mac Pro (2019), Mac mini with a 10Gb Ethernet card, and Mac Studio (2022) have Lights Out Management function and are able to power-on by Apple Remote Desktop.

<span class="mw-page-title-main">UltraVNC</span> Remote desktop software

UltraVNC is an open-source remote-administration/remote-desktop-software utility. The client supports Microsoft Windows and Linux but the server only supports Windows. It uses the VNC protocol to allow a computer to access and control another one remotely over a network connection.

VirtualGL (VGL) is an open-source software package that redirects the 3D rendering commands from Unix and Linux OpenGL applications to 3D accelerator hardware in a dedicated server and sends the rendered output to a (thin) client located elsewhere on the network. On the server side, VirtualGL consists of a library that handles the redirection and a wrapper program that instructs applications to use this library. Clients can connect to the server either using a remote X11 connection or using an X11 proxy such as a Virtual Network Computing (VNC) server. In case of an X11 connection some client-side VirtualGL software is also needed to receive the rendered graphics output separately from the X11 stream. In case of a VNC connection no specific client-side software is needed other than the VNC client itself.

Desktop sharing is a common name for technologies and products that allow remote access and remote collaboration on a person's computer desktop through a graphical terminal emulator.

A home server is a computing server located in a private computing residence providing services to other devices inside or outside the household through a home network or the Internet. Such services may include file and printer serving, media center serving, home automation control, web serving, web caching, file sharing and synchronization, video surveillance and digital video recorder, calendar and contact sharing and synchronization, account authentication, and backup services. In the recent times, it has become very common to run hundreds of applications as containers, isolated from the host operating system.

In computing, the term remote desktop refers to a software- or operating system feature that allows a personal computer's desktop environment to be run remotely from one system, while being displayed on a separate client device. Remote desktop applications have varying features. Some allow attaching to an existing user's session and "remote controlling", either displaying the remote control session or blanking the screen. Taking over a desktop remotely is a form of remote administration.

This page is a comparison of notable remote desktop software available for various platforms.

Adaptive Internet Protocol (AIP) is a multi-channel protocol that allows an application running on any of multiple platforms to be displayed on any of a wide range of client systems. It supports rich remote display and input services with a number of display options to deliver the presentation of the remote applications onto the local display either as a standalone window, or within a contained remote environment delivered full-screen or in a standalone window. The protocol also supports audio, printing, and other device mapping services.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.

CrossLoop was a remote desktop service from CrossLoop Inc., which allowed users to share their computer screens and collaborate with others over the Internet.

In computing, SPICE is a remote-display system built for virtual environments which allows users to view a computing "desktop" environment – not only on its computer-server machine, but also from anywhere on the Internet – using a wide variety of machine architectures.

<span class="mw-page-title-main">TigerVNC</span> Open source software

TigerVNC is an open source Virtual Network Computing (VNC) server and client software, started as a fork of TightVNC in 2009. The client supports Windows, Linux and macOS. The server supports Linux. There is no server for macOS and as of release 1.11.0 the Windows server is no longer maintained.

References

  1. Richardson, T.; Stafford-Fraser, Q.; Wood, K. R.; Hopper, A. (1998). "Virtual network computing" (PDF). IEEE Internet Computing. 2: 33–38. CiteSeerX   10.1.1.17.5625 . doi:10.1109/4236.656066.
  2. The VNC family of Remote Control Applications: a list of VNC variants
  3. "VNC Frequently Asked Questions (FAQ)". 1999. Archived from the original on 15 August 2000.
  4. RealVNC Executive Profiles
  5. Copyright and trademarks RealVNC. Accessed Feb 23, 2018.
  6. "Frequently asked questions".
  7. "UltraVnc Configuration".
  8. "noVNC". GitHub .
  9. "OpenWRT VNC repeater".
  10. "uVNC repeater".
  11. "VNC® Wayland Developer Preview". 8 July 2014. Archived from the original on 14 July 2014. Retrieved 10 July 2014.
  12. "RealVNC Wayland developer preview email". freedesktop.org. 9 July 2014.
  13. How secure is TightVNC? TightVNC Frequently Asked Questions. TightVNC.com Accessed Feb 23, 2018
  14. AT&T Laboratories Cambridge (1999). "X-based VNC server". Virtual Network Computing. Archived from the original on 19 March 2007. Retrieved 24 March 2007.
  15. "OnlineVNC Server for Windows OSes".