FileWave Alliance

The Official Community Forum
  • Page:
  • 1

TOPIC: Security in Observe Client

Security in Observe Client 09 Dec 2015 14:19 #1997

  • Gilbert Palau
  • Gilbert Palau's Avatar Topic Author
  • Offline
  • 2nd Level - Yellow Belt
  • 2nd Level - Yellow Belt
  • ._______.
  • Posts: 108
  • Karma: 10
  • Thank you received: 26
Basically the new Observe client is a VNC client server relationship... Does it uses the std VNC ports or did FileWave re-arrange them in their usual fashion of 200?? type ports...

I also wanted to ask how did this relationship work. Is the VNC portion on the FileWave Client always on (meaning port is open all the time) or does the port only open when a request is sent to the client?

What would happen if someone scans for VNC ports and finds these on the Mac that is running FileWave client, can a hacker, for example tap into the VNC ports and access the system remote or does VNC within the FileWave client only responds if the request comes from the FileWave Server?
Gilbert Palau
Desktop Engineering
FileWave Admin
Dallas, TX

Security in Observe Client 16 Dec 2015 12:53 #2018

  • Christian Glattfelder
  • Christian Glattfelder's Avatar
  • Offline
  • FileWave Staff
  • FileWave Staff
  • Posts: 37
  • Karma: 7
  • Thank you received: 14
Hello ,

the way fwcld ( FileWave Client ) - VNC Server ( installed as part of FileWave Client 10.0.X and newer) works is as follows :

The VNC Server runs as the currently logged in user, WITHOUT any open ports towards the network.
The moment fwcld receives a notification that VNC connection is requested ( this goes through the newly introduced ZeroMQ connections , a client initiated connection to Ports 20005/20006 on the FileWave Server ) , it creates a socket towards the filewave server ( client initiated connection to Port 20030 on the FileWave Server ), and then tells the local VNC Server to connect to the local endpoint of that socket.
The FileWave server forwards this data to the Admin console, which in turn forwards it to the local VNC Viewer - this is why, on a mac, you're seeing "connecting to localhost", because the VNC Viewer is connecting to the local endpoint of the socket built by the FileWave Admin.

In summary, neither during normal operation nor during active observation of the screen will any ports be open towards the network.

Please let us know if that answers your question ,
Best Regards,
Christian Glattfelder
Systems Engineer
FileWave (Europe) GmbH
Last Edit: by Christian Glattfelder.
  • Page:
  • 1