Virtual Network Computing

n computing, Virtual Arrangement Accretion (VNC) is a graphical desktop administration arrangement that uses the RFB agreement to accidentally ascendancy addition computer. It transmits the keyboard and abrasion contest from one computer to another, relaying the graphical awning updates aback in the added direction, over a network.

VNC is platform-independent – a VNC eyewitness on one operating arrangement may affix to a VNC server on the aforementioned or any added operating system. There are audience and servers for abounding GUI-based operating systems and for Java. Multiple audience may affix to a VNC server at the aforementioned time. Popular uses for this technology accommodate alien abstruse abutment and accessing files on one's assignment computer from one's home computer, or carnality versa.

VNC was originally developed at the Olivetti Research Laboratory in Cambridge, United Kingdom. The aboriginal VNC antecedent cipher and abounding avant-garde derivatives are accessible antecedent beneath the GNU General Public License.

There are a cardinal of variants of VNC1 which action their own accurate functionality; e.g., some optimised for Microsoft Windows, or alms book alteration (not allotment of VNC proper), etc. Abounding are accordant (without their added features) with VNC able in the faculty that a eyewitness of one flavour can affix with a server of another; others are based on VNC cipher but not accordant with accepted VNC.

VNC and RFB are registered trademarks of RealVNC Ltd. in the U.S. and in added countries.

History

VNC was created at the Cambridge, UK Olivetti & Oracle Analysis Lab (ORL 2), which was again endemic by Olivetti and Oracle Corporation. In 1999 AT&T acquired the lab, and in 2002 bankrupt bottomward the lab's analysis efforts.

Developers who formed on VNC while still at the AT&T Analysis Lab are3:

Tristan Richardson (inventor)

Andy Harter (project leader)

Quentin Stafford-Fraser

James Weatherall

Following the cease of ORL in 2002, several associates of the development aggregation (including Richardson, Harter, Weatherall and Hopper) formed RealVNC in adjustment to abide alive on accessible antecedent and bartering VNCcomputer application beneath that name.

Several added versions of VNC accept been developed from the aboriginal GPLed antecedent code. Such bifurcation has not led to affinity problems because the RFB agreement is advised to be extensible. VNC audience and servers accommodate their capabilities with handshaking in adjustment to use the best adapted options accurate at both ends.

The appellation "VNC" is now a registered brand of RealVNC Ltd. in the United States and added countries.4

Etymology

The name 'Virtual Arrangement Computer/Computing' originates from ORL's assignment on a attenuate applicant alleged the Videotile which additionally acclimated the RFB protocol. This was about an LCD with a pen ascribe and a fast ATM affiliation to the network. At the time, arrangement computer was frequently acclimated as a analogue for 'thin client'. VNC is about a software-only (i.e. virtual) adaptation of this arrangement computer.

Operation

A VNC arrangement consists of a client, a server , and a advice protocol

The VNC server is the affairs on the apparatus that shares its screen. The server irenic allows the applicant to booty ascendancy of it.

The VNC applicant (or viewer) is the affairs that watches, controls, and interacts with the server. The applicant controls the server.

The VNC agreement (RFB) is actual simple, based on one clear archaic from server to applicant ("Put a rectangle of pixel abstracts at the defined X,Y position") and accident letters from applicant to server.

In the accustomed adjustment of operation a eyewitness connects to a anchorage on the server (default anchorage 5900). Alternatively a browser can affix to the server (depending on the implementation) (default anchorage 5800). And a server can affix to a eyewitness in "listening mode" on anchorage 5500. One advantage of alert approach is that the server armpit does not accept to configure its firewall to acquiesce admission on anchorage 5900 (or 5800); the onus is on the viewer, which is advantageous if the server armpit has no computer expertise, while the eyewitness user would be accepted to be added knowledgeable.

The server sends baby rectangles of the framebuffer to the client. In its simplest form, the VNC agreement can use a lot of bandwidth, so assorted methods accept been devised to abate the advice overhead. For example, there are assorted encodings (methods to actuate the best able way to alteration these rectangles). The VNC agreement allows the applicant and server to accommodate which encoding will be used. The simplest encoding, which is accurate by all audience and servers, is the raw encoding area pixel abstracts is beatific in left-to-right scanline order, and afterwards the aboriginal abounding awning has been transmitted, alone transfers rectangles that change. This encoding works actual able-bodied if alone a baby allocation of the awning changes from one anatomy to the abutting (like a abrasion arrow affective beyond a desktop, or argument actuality accounting at the cursor), but bandwidth demands get actual aerial if a lot of pixels change at the aforementioned time, such as back scrolling a window or examination full-screen video.

VNC by absence uses TCP anchorage 5900+N,56 area N is the affectation cardinal (usually :0 for a concrete display). Several implementations additionally alpha a basal HTTP server on anchorage 5800+N to accommodate a VNC eyewitness as a Java applet, acceptance accessible affiliation through any Java-enabled web browser. Different anchorage assignments can be acclimated as continued as both applicant and server are configured accordingly.

Using VNC over the Internet works able-bodied if the user has a broadband affiliation at both ends. However, it may crave avant-garde NAT, firewall and router agreement such as anchorage forwarding in adjustment for the affiliation to go through. Some users may accept to use burning clandestine networking applications such as Virtual Clandestine Arrangement (VPN) applications such as Hamachi to accomplish acceptance over the Internet abundant easier. Alternatively, a VNC affiliation can be accustomed as a LAN affiliation if VPN is activated as a proxy.

Note that the apparatus the VNC server is active on does not charge to accept a concrete display. Xvnc is the Unix VNC server, which is based on a accepted X server. To applications Xvnc is an X "server" (ie displays applicant windows), and to alien VNC users it is a VNC server. Applications can affectation themselves on Xvnc as if it were a accustomed X display, but they will arise on any affiliated VNC admirers rather than on a concrete screen.7 Alternatively a apparatus (which may be a workstation or a arrangement server) with screen, keyboard, and abrasion can be set up to cossack and run the VNC server as a account or daemon, again the screen, keyboard, and abrasion can be removed and the apparatus stored in an out-of-the way location.

In addition, the affectation that is served by VNC is not necessarily the aforementioned affectation apparent by a user on the server. On Unix/Linux computers that abutment assorted accompanying X11 sessions, VNC may be set to serve a accurate absolute X11 session, or to alpha one of its own. It is additionally accessible to run assorted VNC sessions from the aforementioned computer. On Microsoft Windows the VNC affair served is consistently the accepted user session.

VNC is frequently acclimated as a cross-platform alien desktop system. For example, Apple Alien Desktop for Mac OS X (and added recently, "Back to My Mac" in 'Leopard' - Mac OS X 10.5) interoperates with VNC and will affix to a Linux user's accepted desktop if it is served with x11vnc, or to a abstracted X11 affair if one is served with TightVNC. From Linux, TightVNC will affix to a Mac OS X affair served by Apple Alien Desktop if the VNC advantage is enabled, or to a VNC server active on Microsoft Windows.

Security

By default, RFB is not a defended protocol. While passwords are not beatific in plain-text (as in telnet), arise could prove acknowledged if both the encryption key and encoded countersign are sniffed from a network. For this acumen it is recommended that a countersign of at atomic 8 characters be used. On the added hand, there is additionally an 8-character absolute on some versions of VNC; if a countersign is beatific beyond 8 characters, the balance characters are removed and the truncated cord is compared to the password.

However, VNC may be tunnelled over an SSH or VPN affiliation which would add an added aegis band with stronger encryption. SSH audience are accessible for all above platforms (and abounding abate platforms as well); SSH tunnels can be created from UNIX clients, Microsoft Windows clients, Macintosh audience (including Mac OS X and System 7 and up) – and abounding others. There are freeware applications that actualize burning VPN tunnels amid computers.

UltraVNC supports the use of an open-source encryption plugin which encrypts the absolute VNC affair including countersign affidavit and abstracts transfer. It additionally allows affidavit to be performed based on NTLM and Active Directory user accounts. However, use of such encryption plugins accomplish it adverse with added VNC programs. RealVNC offers high-strength AES encryption as allotment of its bartering package, forth with affiliation with Active Directory. Workspot appear AES encryption patches for VNC.

Limitations

Unicode is not accurate in RFB versions 3.x and lower so it is absurd to alteration clipboard argument alfresco the Latin-1 appearance set.

The VNC agreement is pixel based. Although this leads to abundant adaptability (i.e.- any blazon of desktop can be displayed), it is generally beneath able than solutions that accept a more good compassionate of the basal clear blueprint like X11 or Windows Remote Desktop Protocol. Those protocols accelerate clear primitives or aerial akin commands in a simpler anatomy (e.g., "open window"), admitting RFB aloof sends the raw pixel data.