REPEATER SECURITY WARNING

Should you have problems with the MS logon plugin, here's the place to look for help or report issues.

REPEATER SECURITY WARNING

Postby Rudi De Vos » 2016-05-14 15:27

Use mode 1 with care and when not used disabled it.
If you don't need mode 1 MODE: I[_] !!DISABLE IT!!
If you use mode 1, make sure you limit the access to the server you want to have it access to.
This is a ; seperated list of ip addresses

In mode 1, the viewer define server + port ... if you don't limit the access someone can use your repeater
as proxy to go to other severs.

We are working on an update, so you can preset a list of the allowed outgoing ip:port pairs instead of the ip addresses only.

Image

http://www.uvnc.com/downloads/repeater/ ... loads.html
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5438
Joined: 2004-04-23 10:21

Re: REPEATER SECURITY WARNING

Postby LFCavalcanti » 2016-05-19 14:23

Hi!

I'm developing a kind of continuation of ChunkVNC: https://github.com/LFCavalcanti/intermix

So far we are using this new client with the repeater, we have restricted access on the Firewall for the Viewer port only from our network, we also use other ports instead of the standard ones and... we are using the Secure Plugin with certificates.

I think our setup is safe... right?
LFCavalcanti
8
8
 
Posts: 17
Joined: 2013-05-06 14:51

Re: REPEATER SECURITY WARNING

Postby Rudi De Vos » 2016-05-19 17:04

In mode I, the viewer ask to open port A to ip X.
You need te make sure the the repeater can only connect to predefined ip:port and disallow all other connections.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5438
Joined: 2004-04-23 10:21

Re: REPEATER SECURITY WARNING

Postby LFCavalcanti » 2016-05-19 17:34

Rudi De Vos wrote:In mode I, the viewer ask to open port A to ip X.
You need te make sure the the repeater can only connect to predefined ip:port and disallow all other connections.


Sorry, I'm confused...

In Mode I, even if the port is not open to the Internet, you know, blocked on the Firewall, any viewer can still establish a connection?

Because as it stands now, only the server port is exposed to the internet and the firewall on the server the repeater is running, only accepts viewer connections from our local network.

EDIT: And yes, all other ports not in use in that server are blocked.
LFCavalcanti
8
8
 
Posts: 17
Joined: 2013-05-06 14:51

Re: REPEATER SECURITY WARNING

Postby Rudi De Vos » 2016-05-20 11:40

The warning is for the repeater software.
*The repater allow to setup a filter and limit the outgoing traffic

Natural, you can use a firewall todo the same, but then it's up to you.
Not all people have the knowledge to do that
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5438
Joined: 2004-04-23 10:21

Re: REPEATER SECURITY WARNING

Postby hipp-e » 2016-08-15 20:43

Thanks for your work, using uvnc servers everyday and almost happy
The repeater is not available today - is this some kind of temporary problem or it's being removed from the uvnc family ?
another question is : will modern uvnc servers support connecting through the repeater ?
hipp-e
 
Posts: 1
Joined: 2016-08-15 20:31

Re: REPEATER SECURITY WARNING

Postby Rudi De Vos » 2016-08-16 18:14

Repater has been updated and can be downloaded from the repeater download page

http://www.uvnc.com/downloads/repeater/ ... loads.html

Forum links are usual test links, we try to keep the server links all up and runnning.
If some server link doesn't work, please notify us so we can check the security settings on the download server.
Sometimes settings are bad after a loadbalance switch.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5438
Joined: 2004-04-23 10:21


Return to MS logon plugin

Who is online

Users browsing this forum: No registered users and 1 guest