How do I monitor incoming connections (particularly VNC connections)?

Discussion in 'Mac Applications and Mac App Store' started by loudguitars, Apr 18, 2007.

  1. macrumors member

    Joined:
    Nov 3, 2004
    #1
    I use VNC quite a bit with my PowerBook at home, so I leave the VNC ports open on my firewall and router. This, however, leaves me a touch paranoid about potential malfeasance should someone crack my password, and I was wondering if there's any way to monitor incoming connections from the internet.

    Cursory Googling comes up dry, does anyone here have any suggestions?
     
  2. macrumors G4

    Joined:
    Jan 5, 2006
    Location:
    Redondo Beach, California
    #2
    I use VNC too. Just checked my log files. Some guy on the 12th tried to log in using user "vnc" and no password. My system is set up a little better then that. But it goes to show the treat is real. The server when it starts up has some command line options one of them controls logging. You can set it to be quite verbose if you want

    You could simply scan the logs periodically or if more paranoid use a remote syslog server setup to send email on various conditions. I don't go that far on my home system but set up some at work like that. syslog is very configurable (see man syslog.conf
     
  3. JNB
    macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #3
    Is that why I have cookies on my computer? :p

    Sorry, that was just too easy. You oughta see my typos...
     
  4. thread starter macrumors member

    Joined:
    Nov 3, 2004
    #4
    So, bit of a dumb question, but how exactly does one check said logs? I went to the terminal and typed in syslog, but that didn't show any VNC activity (including my own login via VNC earlier today).
     
  5. macrumors newbie

    Joined:
    May 8, 2008
    #5
    http://www.realvnc.com/support/serverlog.html
     
  6. macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #6
  7. macrumors member

    Plusbits

    Joined:
    May 4, 2008
    Location:
    Birmingham, UK
    #7
    Try Little Snitch
    Don't personally use it myself, but it seems the best from what I've read and heard
     
  8. macrumors 6502a

    boast

    Joined:
    Nov 12, 2007
    Location:
    AZ
    #8
    scroll
     
  9. macrumors 6502a

    jzuena

    Joined:
    Feb 21, 2007
    Location:
    Burlington, MA, USA
    #9
    What VNC server are you using? If it is Vines, it already logs to ~/Library/Logs/VineServer.log, so you can monitor that file through the Console utility.

    If you have a consumer firewall/router it should allow outbound connections from your machine to the Internet on port 5901 already, so I assume this is to allow you to get to your machine from the outside? If so, you might want to look into using ssh to connect to your computer from the Internet and then tunnel the VNC through ssh. In addition to encrypting everything, ssh can use additional authentication methods than just simple passwords. You can create public keypairs for free and bring your private key along on a USB memory stick. You can then log all ssh connections through syslog (default location is /var/log/auth.log) and monitor that in addition to the VNC connection logs.
     

Share This Page