ndidomenico
asked on
Group Policy to allow VNC server on all workstations
After migrating our XP machines to a SBS2003 domain, the Firewall on each XP machine now prevents me from accessing the VNC server software for support purposes. Is it possible to use a Group Policy on the SBS2003 server to add the VNC software (or port 5900 if better) in the exception list of each XP Firewall, and if so, how ?
Thanks
Thanks
You do know that RDP is available on XP as is Remote Assistance?
ASKER
I use RDP if I need to "work" on the remote pc (better display quality if feel). For user assistance, I had tried Remote Assistance quite a while ago and I found it long and complex to get the session started, compared to vnc. Has it got better ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Something else you should know about VNC. It is also considered a security vulnerability by some antivirus software. I think McAfee picks it up as a bug and will remove it. As a result, some AV software will not allow you to install VNC.
McAfee doesnt give too hoots about it :) I run McAfee and the only time i have seen anything detect VNC as a bug is things like windows defender scans.....the free VNC vers 4.1.11 had a flaw in it that let a dirty trojan through....4.1.12 fixed that flaw
Hey again Jay Jay:
You're right, I was using an older version of VNC calle Tight VNC. I have changed to remote desktop since. This was a couple years ago. It was definately McAfee 4.5.xx that didn't like Tight VNC and wouldn't allow me to install VNC. It wasn't the Trojan associated with VNC.
I also saw Windows Defender not like Tight VNC, as you described. If I remember right, Defender would allow the install, but try to delete Tight VNC upon every scan.
There's no denying, things have changed and my experience with VNC is outdated.
You're right, I was using an older version of VNC calle Tight VNC. I have changed to remote desktop since. This was a couple years ago. It was definately McAfee 4.5.xx that didn't like Tight VNC and wouldn't allow me to install VNC. It wasn't the Trojan associated with VNC.
I also saw Windows Defender not like Tight VNC, as you described. If I remember right, Defender would allow the install, but try to delete Tight VNC upon every scan.
There's no denying, things have changed and my experience with VNC is outdated.
**grin** Tight VNC is much more secure than any of the real VNC versions, so you were certainly using the better options...i think McAfee must have update their deffs as i have no issue with it, though, i dont use the McAfee Security suite, just the AV module...i dont think anyone likes VNC :)
ASKER
Thanks for the shortcut Netman66. I will try to use this method now instead of Vnc.
Enable it in the Standard profile.
You'll find this in Group Policy.
Behind the SBS server, there is likely no need to firewall the clients.