Monday, May 22, 2006

Reverse VNC

You can use "Reverse VNC" to offer remote support without opening a hole in the customer's firewall. As an added bonus, they initiate the connection, so there is no perceived trust issue (Customers always ask the question: "hang on, you can control my PC, any time, without me knowing?").

Assume my PC is for this example.

First, download the UltraVNC binaries.

On your side:
  1. Forward a port through the firewall to your PC, e.g. 6666
  2. Start the viewer on your PC: vncviewer.exe /listen 6666
On their side:
  1. winvnc.exe
  2. winvnc.exe -connect
Make sure you have winvnc.exe and vnchooks.dll on the client's PC (put them somewhere in the path, e.g. C:\Windows).

Also note that you have to launch winvnc.exe once with no parameters. You will need to set a password, which you will probably never need to use. You can also change the port here. Although the port will be specified on the command line, if you set it here to the same port, Windows Firewall will only ask you to open one hole.


As you can see, you have to start winvnc with no arguments, before then telling it to connect to your viewer in listen mode. You could put this in a script:

start winvnc.exe
sleep 4
winvnc.exe -connect

This script needs sleep.exe from the Windows 2003 Resource Kit.
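
A variant of the customer-side script, added here as an example and not part of the original post: it polls for the winvnc.exe process instead of relying on a fixed sleep (so sleep.exe is not needed) and stops the server when the session is over, so it is not left running on the customer's PC. Assumptions: SUPPORT_HOST is a placeholder, the port is the 6666 used above, and the host:port form passed to -connect and the -kill option are taken from the WinVNC command line rather than from this post.

```batch
@echo off
rem Added example, not from the original post.
rem SUPPORT_HOST is a placeholder; the port matches the 6666 forwarded above.
rem Assumption: -connect accepts host:port in this form.
rem tasklist is assumed to be available (it is not part of every Windows edition).
setlocal
set SUPPORT_HOST=support.example.com
set SUPPORT_PORT=6666

rem Start the server only if it is not already running.
tasklist /FI "IMAGENAME eq winvnc.exe" 2>nul | find /I "winvnc.exe" >nul
if errorlevel 1 start "" winvnc.exe

rem Poll for the process (about 10 seconds at most) instead of a fixed sleep.
set TRIES=0
:wait
tasklist /FI "IMAGENAME eq winvnc.exe" 2>nul | find /I "winvnc.exe" >nul
if not errorlevel 1 goto connect
set /a TRIES+=1
if %TRIES% GEQ 10 goto failed
rem ping is used as a one-second delay.
ping -n 2 127.0.0.1 >nul
goto wait

:connect
rem The process exists; give it a moment to finish initialising.
ping -n 2 127.0.0.1 >nul
winvnc.exe -connect %SUPPORT_HOST%:%SUPPORT_PORT%
echo Connection to support requested. Press any key when the session is finished.
pause >nul
rem Stop the server so it does not keep running after the session.
winvnc.exe -kill
goto :eof

:failed
echo winvnc.exe did not start; no connection was attempted.
exit /b 1
```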