Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

Ultra VNC server sometimes reject connection

Post Reply
avess
Posts: 5
Joined: 2016-10-26 20:21

Ultra VNC server sometimes reject connection

Post by avess »

Hi,

I have two computers. Computer1 is connected to my home network and also forwards port 5905 to port 5900 on Computer2 which is connected only to Computer1. On the Computer2 there is Ultra VNC server installed and I am accessing this computer2 from my home network using domainname:5905. It works, but in some time period (random) the VNC server rejects incoming connection. Below you can see logs from rejected connection and from successful. In between there is no change in configuration, started application etc.

The difference in logs between rejected and accepted connection is in this message ".\vncserver.cpp : client 192.168.0.2 rejected due to blacklist entry". Does anybody knows what does it actually mean and how to solve it? There is not any blacklist configured on Computer2 VNC server.

REJCETED:
Tue Oct 25 11:23:38 2016
.\vsocket.cpp : VSocket() m_pDSMPlugin = NULL
.\vncsockconnect.cpp : accepted connection from 192.168.0.2
.\vncserver.cpp : AddClient() started
.\vncclient.cpp : vncClient() executing...
.\vncclient.cpp : TEST 4
.\vncclient.cpp : client connected : 192.168.0.2 (1)
.\vncserver.cpp : AddClient() done
.\vncclient.cpp : DSMPlugin Pointer to socket OK
.\vncclient.cpp : m_ms_logon set to false.\vncclient.cpp : negotiated version
Entered InitAuthenticate
c:\documents and settings\jbekx\my documents\rapid\ultravnc\trunk\winvnc\winvnc\vncPasswd.h : PASSWD : ToText called
.\vncserver.cpp : client 192.168.0.2 rejected due to blacklist entry
.\vncservice.cpp : @@@@@@@@@@@@@ GetCurrentUser - UserNAme found: User
.\vncserver.cpp : removing unauthorised client
.\vncserver.cpp : RemoveClient() done
.\vncclient.cpp : ~vncClient() executing...
.\vncclient.cpp : deleting socket
.\vsocket.cpp : closing socket


ACCEPTED:
Tue Oct 25 11:23:40 2016
.\vsocket.cpp : VSocket() m_pDSMPlugin = NULL
.\vncsockconnect.cpp : accepted connection from 192.168.0.2
.\vncserver.cpp : AddClient() started
.\vncclient.cpp : vncClient() executing...
.\vncclient.cpp : TEST 4
.\vncserver.cpp : AddClient() done
.\vncclient.cpp : client connected : 192.168.0.2 (1)
.\vncclient.cpp : DSMPlugin Pointer to socket OK
.\vncclient.cpp : m_ms_logon set to false.\vncclient.cpp : negotiated version
Entered InitAuthenticate
c:\documents and settings\jbekx\my documents\rapid\ultravnc\trunk\winvnc\winvnc\vncPasswd.h : PASSWD : ToText called
.\vncserver.cpp : client 192.168.0.2 verifiedHost 0 prior to adjustment
.\vncserver.cpp : client 192.168.0.2 verifiedHost 0 after adjustment
.\vncservice.cpp : @@@@@@@@@@@@@ GetCurrentUser - UserNAme found: User
password authentication.\vncclient.cpp : Leaving InitAuthenticate
.\vncdesktop.cpp : initialising desktop handler
--The specified module could not be found.
.\vncDesktopSW.cpp : SWinit


Thank you very much for help.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Ultra VNC server sometimes reject connection

Post by Rudi De Vos »

After 3 wrong passwords or connects that get cancelled without entering the password.
The ip get blacklisted and need to wait x time before you can try again.
Each failed next try increase the wait time.

This is part of the security to avoid brute force password breaking.
avess
Posts: 5
Joined: 2016-10-26 20:21

Re: Ultra VNC server sometimes reject connection

Post by avess »

Thank you for explanation but this is not my situation. I am using every time the same VNC link with the same password and in 90% the connection is accepted. I have also VNC server on Computer1 which is connected directly to LAN and there are not rejections at all. Only sometimes (randomly) the connection is rejected on Computer 2 which is connected to LAN through Computer1 port forwarder.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Ultra VNC server sometimes reject connection

Post by Rudi De Vos »

Check mslogon.log, all initiated connections are logged.

( same folder as winvnc.exe)
avess
Posts: 5
Joined: 2016-10-26 20:21

Re: Ultra VNC server sometimes reject connection

Post by avess »

In mslogon.log there is only successful login logged - "2/11/2016 9:20 Connection received from 192.168.0.2". Before this I was 3-times rejected. It is happening usually after longer period of computer inactivity, looks like something sleep. I have already checked all power options and disabled HDD sleep and other energy savings.
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Ultra VNC server sometimes reject connection

Post by Rudi De Vos »

1) you get rejected because the ip is in the blacklist.
Verified code,
-AddAuthHostsBlacklist is done when a vnc viewer connect. It need to be a vnc viewer, a port scanner doesn't lock the ip address.
-RemAuthHostsBlacklist is done after authentication is correct.
-a blacklist is only valid for 10 seconds, after that the ip is released.
"rejected due to blacklist entry" exist only at one spot in the code and is called when the name or ip exist in the blacklist.


Strange, how does the ip get in the blacklisted...
It doesn't have to be a wrong password, if you connect and don't enter a password and disconnect it's also logged.
A mystery...

Nothing in the vnc logfile before blacklist reject.

This has nothing todo with it.
I have already checked all power options and disabled HDD sleep and other energy savings.
avess
Posts: 5
Joined: 2016-10-26 20:21

Re: Ultra VNC server sometimes reject connection

Post by avess »

It may be root cause of my issue because there may be several people accessing the same VNC server from one IP address. Can I somehow disable the feature that the IP is blacklisted if wrong or any password is used? I have already tried to use AuthHosts=+192.168.0.2 in intravnc.ini file, but it is still rejecting if wrong password is used several times.

Thank you,

Josef
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Ultra VNC server sometimes reject connection

Post by Rudi De Vos »

You could use mslogon
*create a vncaccess group
*put users in this group
People logon using there own vncuser/Passwd pair.
This way you have several vnc users, and if one user gove wrong passwords, the account can get locked, but all other users still can logon.

info
http://www.uvnc.com/docs/uvnc-server/58 ... ation.html
PRDIT
Posts: 4
Joined: 2017-01-25 20:53

Re: Ultra VNC server sometimes reject connection

Post by PRDIT »

I recently installed 1.2.1.2 and I am now experiencing this issue after one failed password attempt where I did not experience it at all in 1.2.0.x. Additionally, the time it takes before I can log in again seems to be much longer than 10 seconds. To be clear, I wait well over 10 seconds before a second attempt after the very first rejection and I still receive another rejection. Was this change intentional, and is there any way to control the number of failed password attempts and/or the length of the wait time?
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: Ultra VNC server sometimes reject connection

Post by Rudi De Vos »

it's incremental
3 fails -> 10 sec
4 fails -> 20 sec
...
until you enter the correct one
PRDIT
Posts: 4
Joined: 2017-01-25 20:53

Re: Ultra VNC server sometimes reject connection

Post by PRDIT »

Rudi De Vos wrote:it's incremental
3 fails -> 10 sec
4 fails -> 20 sec
...
until you enter the correct one
I already understood that, but I'm experiencing 1 fail -> >10 sec after upgrading. I have since starting working on switching to "New MS Logon" to get around it, but MSLogonACL.exe seems to consistently fail on surface tablets with win10 deployed via surface deployment accelerator (I don't have a surface not upgraded in that way to compare against).
Post Reply