DMS  
 
    
 

Data Collaboration Using TightVNC

This document describes how to use a data collaboration tool called VNC to allow an individual to share the contents of her/his computer desktop with one or more other users.

In this document:

A person who shares content is referred to as a content originator.

A person who views content is referred to as a content viewer.

Using TightVNC as described below has the following advantages and limitations:

Advantages

TightVNC is freely available.

After a one time setup, it is easy for the content originator to share material whenever she/he wishes.

All content viewers may view content on a web browser (no software downloads downloads required).

Content viewers may see shared material in real time.

TightVNC can be used to share Power Point presentations, Web sites, and practically anything else that can be seen on a computer desktop (excluding audio and video).

Limitations

Initial setup is required for the content originator.

Audio and Video can not be shared.

Security risks should be carefully considered.

TightVNC Requirements

Content Originator

Networked computer computer with Windows, Linux, or Solaris (See VNC page for more details). Macs can be made content originators by following the directions at the bottom of this page. 

Content Viewer

Networked computer with Java enabled browser (includes Macs).

Instructions for Content Originator

Content originators should do the following:

1. Download TightVNC from http://www.tightvnc.com/download.html (Windows users will want the Self Installing Package for Windows).
2. Install both the client and the server.
3. Start the server (Start > Programs > TightVNC > Launch TightVNC Server).
4. Left double-click on the VNC icon in your system tray.
5. Create a password to place in the Password field.
6. Create a second password to put in the Password (view-only) field. This is the password you will usually share.
7. Check Disable Remote Keyboard & Pointer (view-only mode).

You are now ready to share the contents of your desktop (excluding audio and video). It is suggested that you email (or otherwise communicate) the following information to content viewers:

Dear Content Viewer:

You may now view content in real time at the following link (Java-enabled Web browsers, only):

http://111.222.333.444:5800

You will require the following password:

123456

Sincerely,

Content Originator

Please note that 111.222.333.444 will be replaced with the IP Address of the content originator and 123456 will be replaced with a password determined by the password originator. If you do not know your IP address, please do the following:

1. Start > Run.
2. Type in CMD and click OK.
3. Type ipconfig in the DOS box and press the Enter key on your keyboard.
4. Your IP address will be displayed.

Security Considerations (Important)

While VNC is a useful tool for data collaboration, if used improperly it can expose you to serious security risks. Following the guidelines below should help keep your system secure.

Always close TightVNC WHENEVER you are not wishing to actively share. To do this, simply right-click on the TightVNC icon in the task bar and select Close VNC.

Close VNC

Disable remote keyboard and pointer. Allowing other users to control your keyboard and mouse gives them complete control over your computer.

keyboard

Always run TightVNC in Application Mode. Do not install TightVNC as a service. Installing the TightVNC service means VNC will always run whenever your computer is on, whether you know it or not. In application mode, TightVNC stops when you stop the application. That way, you only share your desktop when you want to.

Not a Service

Use strong passwords and change them for each sharing session. Every time you share your desktop, give the session a new password. See the properties box below for details. Never leave VNC configured without a password.

Server Info

VNC for the Mac

There is a version of VNC available for Apple OSX. It is called OSXVNC. Please click here if you would like to download this for an Apple computer which runs OSX.

Note: You can view material sourced from a TightVNC-enabled PC by using a Java-enabled browser on Apple OSX. You can view material sourced from an OSXVNC-enabled Apple by using your TightVNC viewer on a PC. You can view material sourced from an OSXVNC-enabled Mac by using Chicken of the VNC viewer on an Apple (link: http://sourceforge.net/projects/cotvnc/).

On OS 10.4:

A VNC server is built-in so there is no need to use OSXVNC.  Follow the steps below and use Chicken of the VNC (Mac) or Tight VNC (PC) as your viewer.  Alternately, use the “Advanced” directions below to allow users to connect to your Mac via a java-enabled web browser.   

1) Turn on VNC Server

Go to System Preferences then to Sharing.
Check the box for “Apple Remote Desktop” and Click the “Access Privileges” button.

vnc clip one
Note: In the bottom left corner of the screen show above, there is a line saying "Others can manage your computer using the address...". The address listed there is what you should have folks point their vnc viewers to. It can also be used instead of your IP address later in these directions.
  
Check the box for “VNC Viewers may control screen with password” and enter a secure password.

vnc clip two

2) Skip to the Security (4) section below or follow the Advanced directions if desired.  

3) Advanced: Create a VNC web-server on your Mac

Go to System Preferences then to Sharing.
Check the box for “Personal Web Sharing”
Click the Firewall tab above and then Click the “New…” button
Choose VNC from the list and click OK to open up the ports for VNC.

vnc clip three

You may need to stop and start the firewall to restart it with this settings change. 

Close System Preferences and Open your hard drive icon.
Open the Users folder.  Now open the home folder of the user you’re logged in as. 
Open the Sites folder and create a new folder in there called “vnc”. 
Download the Java (viewer only) version of TightVNC from here: http://www.tightvnc.com/download.html.  You want the “Binary *.class and JAR files in Zip archive”
Extract the contents of the zip file you just downloaded and copy all the contents of the “Classes” folder into the “vnc” folder in the Sites folder you opened earlier.  Place THIS html file into that same “vnc” folder. 

  vnc clip four 

Point remote users to the web address with your ip and user name, like this http://152.3.0.0/~username/vnc/ .  They should be able to log in from any java-enabled browser, if you give them the password you entered when you set up the VNC server above.  Have them go into options and set View Only to yes if you don’t want them to share control of mouse and keyboard.  

4) Security

It is wise to turn off the VNC server whenever you are not planning to use it.  This prohibits access if security holes pop up in Mac’s VNC server or someone guesses your password. 

To turn off VNC when not in use:
Go to System Preferences then to Sharing.
Click on Apple Remote Desktop and Click the Access Privileges button.
Uncheck the box next to “VNC Viewers may control screen with password”.
Click Ok.
Click the Stop button under “Remote Desktop Control On” and then click Start and then OK after waiting a few seconds to restart your remote desktop service with the VNC server turned off. 

If you used the Advanced setup:
Check the VNC web address from above to make sure you get the error below, letting you know that your VNC server is turned off. 

 vnc clip five

 

 

 

  
     
 

 

  

 

  
   

 

  

Duke University - OIT - DMS