Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Apple Applications > Mac Applications and Mac App Store

Reply
 
Thread Tools Search this Thread Display Modes
Old Apr 18, 2007, 10:25 PM   #1
loudguitars
macrumors member
 
Join Date: Nov 2004
How do I monitor incoming connections (particularly VNC connections)?

I use VNC quite a bit with my PowerBook at home, so I leave the VNC ports open on my firewall and router. This, however, leaves me a touch paranoid about potential malfeasance should someone crack my password, and I was wondering if there's any way to monitor incoming connections from the internet.

Cursory Googling comes up dry, does anyone here have any suggestions?
loudguitars is offline   0 Reply With Quote
Old Apr 18, 2007, 11:36 PM   #2
ChrisA
macrumors G4
 
Join Date: Jan 2006
Location: Redondo Beach, California
Quote:
Originally Posted by loudguitars View Post
I use VNC quite a bit with my PowerBook at home, so I leave the VNC ports open on my firewall and router. This, however, leaves me a touch paranoid about potential malfeasance should someone crack my password, and I was wondering if there's any way to monitor incoming connections from the internet.

Cursory Googling comes up dry, does anyone here have any suggestions?
I use VNC too. Just checked my log files. Some guy on the 12th tried to log in using user "vnc" and no password. My system is set up a little better then that. But it goes to show the treat is real. The server when it starts up has some command line options one of them controls logging. You can set it to be quite verbose if you want

You could simply scan the logs periodically or if more paranoid use a remote syslog server setup to send email on various conditions. I don't go that far on my home system but set up some at work like that. syslog is very configurable (see man syslog.conf
ChrisA is offline   0 Reply With Quote
Old Apr 18, 2007, 11:50 PM   #3
JNB
macrumors 604
 
JNB's Avatar
 
Join Date: Oct 2004
Location: In a Hell predominately of my own making
Send a message via Skype™ to JNB
Quote:
Originally Posted by ChrisA View Post
I use VNC too. Just checked my log files. Some guy on the 12th tried to log in using user "vnc" and no password. My system is set up a little better then that. But it goes to show the treat is real.
Is that why I have cookies on my computer?

Sorry, that was just too easy. You oughta see my typos...
__________________

JNB is offline   0 Reply With Quote
Old Apr 19, 2007, 12:01 AM   #4
loudguitars
Thread Starter
macrumors member
 
Join Date: Nov 2004
Quote:
Originally Posted by ChrisA View Post
You could simply scan the logs periodically or if more paranoid use a remote syslog server setup to send email on various conditions. I don't go that far on my home system but set up some at work like that. syslog is very configurable (see man syslog.conf
So, bit of a dumb question, but how exactly does one check said logs? I went to the terminal and typed in syslog, but that didn't show any VNC activity (including my own login via VNC earlier today).

Last edited by loudguitars; Apr 19, 2007 at 12:20 AM. Reason: clarification
loudguitars is offline   0 Reply With Quote
Old May 8, 2008, 07:04 AM   #5
M2y2Kel
macrumors newbie
 
Join Date: May 2008
Quote:
Originally Posted by loudguitars View Post
So, bit of a dumb question, but how exactly does one check said logs? I went to the terminal and typed in syslog, but that didn't show any VNC activity (including my own login via VNC earlier today).
http://www.realvnc.com/support/serverlog.html
M2y2Kel is offline   0 Reply With Quote
Old May 8, 2008, 07:34 AM   #6
DoFoT9
macrumors P6
 
DoFoT9's Avatar
 
Join Date: Jun 2007
Location: Singapore
Send a message via AIM to DoFoT9 Send a message via MSN to DoFoT9 Send a message via Skype™ to DoFoT9
Quote:
Originally Posted by M2y2Kel View Post
and on a mac??
__________________
Official MacRumors IRC @ irc.krono.net #macrumors (Or http://kewlirc.net:9090/)
2012 2.5GHz Mac Mini Dual - 16GB RAM
Win8 PC - i5-3570k - 16GB RAM - SSD
DoFoT9 is offline   0 Reply With Quote
Old May 8, 2008, 09:55 AM   #7
Plusbits
macrumors member
 
Join Date: May 2008
Location: Birmingham, UK
Send a message via AIM to Plusbits Send a message via MSN to Plusbits
Try Little Snitch
Don't personally use it myself, but it seems the best from what I've read and heard
Plusbits is offline   0 Reply With Quote
Old May 8, 2008, 05:08 PM   #8
boast
macrumors 6502a
 
Join Date: Nov 2007
Quote:
Originally Posted by DoFoT9 View Post
and on a mac??
scroll
boast is online now   0 Reply With Quote
Old May 8, 2008, 06:16 PM   #9
jzuena
macrumors 6502a
 
jzuena's Avatar
 
Join Date: Feb 2007
Location: Burlington, MA, USA
Quote:
Originally Posted by loudguitars View Post
I use VNC quite a bit with my PowerBook at home, so I leave the VNC ports open on my firewall and router. This, however, leaves me a touch paranoid about potential malfeasance should someone crack my password, and I was wondering if there's any way to monitor incoming connections from the internet.

Cursory Googling comes up dry, does anyone here have any suggestions?
What VNC server are you using? If it is Vines, it already logs to ~/Library/Logs/VineServer.log, so you can monitor that file through the Console utility.

If you have a consumer firewall/router it should allow outbound connections from your machine to the Internet on port 5901 already, so I assume this is to allow you to get to your machine from the outside? If so, you might want to look into using ssh to connect to your computer from the Internet and then tunnel the VNC through ssh. In addition to encrypting everything, ssh can use additional authentication methods than just simple passwords. You can create public keypairs for free and bring your private key along on a USB memory stick. You can then log all ssh connections through syslog (default location is /var/log/auth.log) and monitor that in addition to the VNC connection logs.
__________________
Pilot, greyhound walker, retired bartender extraordinaire.
jzuena is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Applications > Mac Applications and Mac App Store

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Incoming Connections problem chriscrk Mac Basics and Help 0 Mar 5, 2014 09:22 AM
Block all incoming connections doubledee OS X 0 Feb 12, 2013 11:02 AM
Allowing incoming connections............ Washac Mac Pro 4 Aug 20, 2012 02:59 AM
Accept Incoming Network Connections Prompt leerkeller OS X 0 Jul 14, 2012 10:34 PM
Software like Little Snitch, but for *incoming* connections Jethryn Freyman Mac Applications and Mac App Store 0 May 30, 2012 03:39 AM

Forum Jump

All times are GMT -5. The time now is 01:37 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC