WORKSHOP
15 Minutes to Remote Administration

March 6, 2000

By Todd Tannenbaum

The remote-access and -administration market is flush with powerful commercial tools that provide remote access to Microsoft Corp. Windows NT. Among the most widely known products are Citrix Systems' WinFrame, Microsoft Terminal Server and Symantec Corp.'s pcAnywhere. But for some organizations, the price tags on these products are too high. Perhaps a few licenses of such packages could be justified for important servers, but what if your goal is remote administration for any one of hundreds of Windows NT desktops in your enterprise network?

Just how much remote access can you get with Windows NT before you need to start sending out purchase orders? The answer may surprise you. In this article, we'll reveal remote-administration tools and techniques that are built into Windows NT, as well as point you to some freeware gems available for download from the Internet that provide a wealth of remote-access and -administration tools. With one exception, there's nothing to buy and no major overhaul of your network is required.

Within minutes of reading this article, you'll be able to access a command prompt and perform basic system administration, such as viewing and/or starting/killing processes or services; rebooting machines; viewing system logs; observing what's happening on the display; and even running GUI-based programs--all remotely.

Note: This article assumes you are running Windows NT and your account has administrator access; some of the tools/techniques discussed, however, are applicable to Windows 95/98 as well.
Virtual Network Computing

VNC is a server and a viewer. Once you install the server portion on a given machine, you can access that machine's display, keyboard and mouse remotely over the network by running the viewer on some other machine--this is similar to the way pcAnywhere works. You communicate via TCP/IP on just one socket, so access over the Internet is not a problem--provided your firewall allows it. If your firewall doesn't allow it, the TCP/IP port number used by the VNC server can be configured, so pick an unused, well-known port that is allowed by most firewalls. Most Windows NT boxes are not configured to run SMTP, so Port 25 might be a candidate. Of course, if you're not responsible for security at your site, check with your security administrator before subverting your firewall policy.

To install VNC, download the Windows NT binaries and follow the simple instructions. We recommend running the VNC server as a Windows NT service. To do so, as an administrator enter winvnc -install from a command prompt, followed by net start winvnc. You don't need to do a thing to install the viewer--a big plus for VNC. The viewer is a single .exe file and requires no special permissions and no registry hackery. And it's smaller than 200 KB, so it can be run on any PC off a floppy disk.

When you fire up the viewer, you'll see a window containing the remote machine's display. From here you can perform any function as if you were sitting in front of the remote machine: You can log in, run GUI applications from the start button and more.

The VNC remote display is fundamentally different from the multiuser technology in Microsoft Terminal Server and Citrix products. For example, Terminal Server lets multiple users productively access the same machine simultaneously because it creates a private virtual display for each remote user that has nothing to do with what's being displayed on the server's physical monitor.
With VNC, on the other hand, all remote users--as well as the user sitting in front of the machine--see the same thing. If you connect via VNC to a machine being used, you'll see what that user is doing and be able to share or take over control of the mouse/keyboard. Advantages to this approach include giving helpdesk personnel the ability to aid remote users as if the support person were sitting next to the user. Another plus: You can leave your office while in the middle of writing a document, and later reconnect from home to finish composing the document just where you left off.

Security is always a concern with remote-access services, and VNC is no different. The VNC server requires a password before making a connection. Fortunately, this password is never transmitted over the network because VNC uses a challenge-response scheme for authentication. Unfortunately, post-authentication traffic is not encrypted. If this is a concern, set up PPTP (Point-to-Point Tunneling Protocol) or SSH to tunnel the traffic through a secure channel.
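
What a given VNC server offers at connection time can be read from the first bytes it sends. The following is an added example, not code from the original article or from the VNC project: it parses the server side of the RFB handshake (the protocol VNC speaks, documented in RFC 6143) and reports the authentication and encryption exposure described above. The sample bytes are constructed, the function names are hypothetical, and the parser goes beyond the article's era by also handling the security-type list used by RFB 3.7 and later.

```python
import struct

# Constructed samples: bytes a VNC server sends at the start of a connection.
SAMPLE_RFB33 = b"RFB 003.003\n" + struct.pack(">I", 2) + bytes(range(16))
SAMPLE_RFB38 = b"RFB 003.008\n" + bytes([2, 1, 2])  # count=2, types 1 and 2

def parse_server_handshake(data: bytes) -> dict:
    """Parse the server's RFB version banner and security-type offer."""
    if (len(data) < 12 or data[:4] != b"RFB " or data[7:8] != b"."
            or data[11:12] != b"\n"):
        raise ValueError("not an RFB ProtocolVersion banner")
    version = (int(data[4:7]), int(data[8:11]))
    rest, challenge = data[12:], None
    if version < (3, 7):
        # RFB 3.3: the server dictates one security type as a 32-bit integer.
        if len(rest) < 4:
            raise ValueError("truncated security type")
        offered = [struct.unpack(">I", rest[:4])[0]]
        # With VNC Authentication (type 2) a 16-byte random challenge follows.
        if offered == [2] and len(rest) >= 20:
            challenge = rest[4:20]
    else:
        # RFB 3.7 and later: a count byte, then that many one-byte types.
        if not rest or len(rest) < 1 + rest[0]:
            raise ValueError("truncated security type list")
        offered = list(rest[1:1 + rest[0]])
    return {"version": version, "offered": offered, "challenge": challenge}

def audit(info: dict) -> list:
    """Turn a parsed handshake into findings for a remote-access review."""
    findings = []
    if 1 in info["offered"]:
        findings.append("security type 1 (None): no password is required")
    if 2 in info["offered"]:
        findings.append("security type 2 (VNC Authentication): the password is "
                        "not sent, but the session that follows is unencrypted; "
                        "carry it over SSH or PPTP")
    return findings

if __name__ == "__main__":
    for sample in (SAMPLE_RFB33, SAMPLE_RFB38):
        info = parse_server_handshake(sample)
        print(info["version"], info["offered"], audit(info))
```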