.svg)
VNC (Virtual Network Computing) is a graphical desktop-sharing system that uses theRemote Frame Buffer protocol (RFB) to remotely control anothercomputer. It transmits thekeyboard andmouse input from one computer to another, relaying the graphical-screen updates, over anetwork.[1] Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.
VNC is platform-independent, with clients and servers for many GUI-based operating systems and forJava. Multiple clients may connect to a VNC server at the same time. There are a number of variants of VNC[2] which offer their own particular functionality; e.g., some optimised forMicrosoft Windows, or offering file transfer (not part of VNC proper), etc. Many are compatible (without their added features) with VNC proper in the sense that a viewer of one flavour can connect with a server of another; others are based on VNC code but not compatible with standard VNC.
VNC was originally developed at theOlivetti & Oracle Research Lab in Cambridge, United Kingdom, whose developers subsequently createdRealVNC Ltd and claimed VNC and RFB asregistered trademarks in the US and some other countries. The original VNCsource code and many modern derivatives areopen source under theGNU General Public License.
The Olivetti & Oracle Research Lab (ORL)[3] at Cambridge in the UK developed VNC at a time whenOlivetti andOracle Corporation owned the lab. Developers who worked on VNC while at the AT&T Research Lab include Tristan Richardson (inventor),Andy Harter (project leader),Quentin Stafford-Fraser, James Weatherall andAndy Hopper.[4] The nameVirtual Network Computer/Computing (VNC) originated with ORL's work on athin client called the Videotile, which also used the RFB protocol. The Videotile had an LCD display with pen input and a fastATM connection to the network. At the time,network computer was commonly used as a synonym for a thin client; VNC is essentially a software-only (i.e. virtual) network computer.[citation needed]
In 1999, AT&T acquired the lab, and in 2002 closed down the lab's research efforts. Following this, several members of the development team (including Richardson, Harter, Weatherall and Hopper) formed RealVNC in order to continue working onopen-source and commercial VNC software under that name. As of 2013[update],RealVNC Ltd claims the term "VNC" as a registered trademark in the United States and in other countries.[5]
The original GPLed source code has fed into several other versions of VNC. Suchforking has not led to compatibility problems because the RFB protocol is designed to be extensible. VNC clients and servers negotiate their capabilities withhandshaking in order to use the most appropriate options supported at both ends.
The VNCserver is the program on the machine that shares some screen (and may not be related to a physical display: the server can be"headless"), and allows the client to share control of it. The VNCclient (or viewer) is the program that represents the screen data originating from the server, receives updates from it, and presumably controls it by informing the server of collected local input. The VNCprotocol (RFB protocol) is very simple, based on transmitting one graphic primitive from server to client ("Put a rectangle ofpixel data at the specified X,Y position") andevent messages from client to server.
In the normal method of operation a viewer connects to a port on the server (default port: 5900). Alternatively (depending on the implementation) a browser can connect to the server (default port: 5800). And a server can connect to a viewer in "listening mode" on port 5500. One advantage of listening mode is that the server site does not have to configure its firewall to allow access on port 5900 (or 5800); the duty is on the viewer, which is useful if the server site has no computer expertise and the viewer user is more knowledgeable.
The server sends small rectangles of theframebuffer to the client. In its simplest form, the VNC protocol can use a lot ofbandwidth, so various methods have been devised to reduce the communication overhead. For example, there are variousencodings (methods to determine the most efficient way to transfer these rectangles). The VNC protocol allows the client and server to negotiate which encoding they will use. The simplest encoding, supported by all clients and servers, israw encoding, which sends pixel data in left-to-rightscanline order, and after the original full screen has been transmitted, transfers only rectangles that change. This encoding works very well if only a small portion of the screen changes from one frame to the next (as when a mouse pointer moves across a desktop, or when text is written at the cursor), but bandwidth demands get very high if a lot of pixels change at the same time (such as when scrolling a window or viewing full-screen video).
VNC by default usesTCP port 5900+N,[6][7] whereN is the display number (usually :0 for a physical display). Several implementations also start a basicHTTPserver on port 5800+N to provide a VNC viewer as aJava applet, allowing easy connection through any Java-enabled web-browser. Different port assignments can be used as long as both client and server are configured accordingly. A HTML5 VNC client implementation for modern browsers (no plugins required) exists too.[8]
Although possible even on low bandwidth, using VNC over the Internet is facilitated if the user has abroadband connection at both ends. However, it may require advancednetwork address translation (NAT),firewall androuter configuration such as port forwarding in order for the connection to go through. Users may establish communication throughvirtual private network (VPN) technologies to ease usage over the Internet, or as a LAN connection if VPN is used as a proxy, or through a VNC repeater (useful in presence of a NAT).[9][10]
In addition, the display that is served by VNC is not necessarily the same display seen by a user on the server. On Unix/Linux computers that support multiple simultaneous X11 sessions, VNC may be set to serve a particular existing X11 session, or to start one of its own. It is also possible to run multiple VNC sessions from the same computer. On Microsoft Windows the VNC session served is always the current user session.[citation needed]
In July 2014RealVNC published aWayland developer preview.[11][12]
 | This sectiondoes notcite anysources. Please helpimprove this section byadding citations to reliable sources. Unsourced material may be challenged andremoved. Find sources: "VNC" – news ·newspapers ·books ·scholar ·JSTOR(September 2024) (Learn how and when to remove this message) |
By default, RFB is not a secure protocol. Whilepasswords are not sent in plain-text (as intelnet), cracking could prove successful if both theencryption key and encoded password weresniffed from a network. For this reason it is recommended that a password of at least 8 characters be used. On the other hand, there is also an 8-character limit on some versions of VNC; if a password is sent exceeding 8 characters, the excess characters are removed and the truncated string is compared to the password.
UltraVNC supports the use of an open-source encryption plugin which encrypts the entire VNC session including password authentication and data transfer. It also allows authentication to be performed based onNTLM andActive Directory user accounts. However, use of such encryption plugins makes it incompatible with other VNC programs. RealVNC offers high-strength AES encryption as part of its commercial package, along with integration with Active Directory.Workspot releasedAES encryption patches for VNC. According to TightVNC,[13] TightVNC is not secure as picture data is transmitted without encryption. To circumvent this, it should be tunneled through an SSH connection (see below).
VNC may be tunneled over anSSH orVPN connection which would add an extra security layer with stronger encryption.[citation needed]
An additional security concern for the use of VNC is to check whether the version used requires authorization from the remote computer owner before someone takes control of their device. This will avoid the situation where the owner of the computer accessed realizes there is someone in control of their device without previous notice.[original research?]
Xvnc is the Unix VNC server, which is based on a standardX server. To applications, Xvnc appears as an X "server" (i.e., it displays client windows), and to remote VNC users it is a VNC server. Applications can display themselves on Xvnc as if it were a normal X display, but they will appear on any connected VNC viewers rather than on a physical screen.[14] Alternatively, a machine (which may be a workstation or a network server) with screen, keyboard, and mouse can be set up to boot and run the VNC server as a service or daemon, then the screen, keyboard, and mouse can be removed and the machine stored in an out-of-the way location.
Users commonly deploy VNC as a cross-platform remote desktop system. For example,Apple Remote Desktop forMac OS X (and "Back to My Mac" in versions 10.5 through 10.13) interoperates with VNC and will connect to a Unix user's current desktop if it is served withx11vnc, or to a separate X11 session if one is served withTightVNC. From Unix, TightVNC will connect to a Mac OS X session served by Apple Remote Desktop if the VNC option is enabled, or to a VNC server running on Microsoft Windows.[15]
Other programs or software libraries which implement VNC includeKrfb,Libvncserver, PocketVNC,Remmina,TigerVNC,TightVNC,VirtualGL, andVinagre.
