WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!
VNC/port 5900 connection attempt logging in Mac OS 10.7.5?
I have an OS X 10.7.5 machine on my home network with the built-in screen sharing turned on. I connect to it from work with the built-in OS X Screen Sharing app, so it's essentially a VNC connection using the default Apple client/server software on the default port 5900.
These connections show up in /var/log/secure.log like this:
Jan 15 10:16:41 MyServer screensharingd[7630]: Authentication: SUCCEEDED
Jan 15 10:21:35 MyServer screensharingd[7630]: Authentication: FAILED
But when I look at my traffic logs (using PRTG Network Monitor), I see frequent port 5900 connections to that machine that don't correspond with any secure.log entry.
Where might those connection attempts be logged? Is there something other than screensharingd that might be handling port 5900 traffic?
These connections show up in /var/log/secure.log like this:
Jan 15 10:16:41 MyServer screensharingd[7630]: Authentication: SUCCEEDED
Jan 15 10:21:35 MyServer screensharingd[7630]: Authentication: FAILED
But when I look at my traffic logs (using PRTG Network Monitor), I see frequent port 5900 connections to that machine that don't correspond with any secure.log entry.
Where might those connection attempts be logged? Is there something other than screensharingd that might be handling port 5900 traffic?
Asked:
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
Another discussion on a similar issue
http://forums.macrumors.com/showthread.php?t=1414493