Packaging Zebedee and VNC with Delphi - PowerPoint PPT Presentation

Slides: 20
Provided by: rco45

Transcript and Presenter's Notes


1
Packaging Zebedee and VNC with Delphi
  • Zebedee Secure Tunnel
  • VNC Remote Screen Viewer

2
Plan
  • Aim
  • VNC
  • Zebedee
  • Delphi Wrap Application
  • Hardware Firewalls
  • Software Firewalls
  • Database Access Via Zebedee
  • Look at some Code

3
Primary Aim
  • To run PC support over the internet safely.
  • Two free products
      • Real VNC (Free Version)
          • Allows remote screen control over TCP/IP
          • http://www.realvnc.com/products/enterprise/4.1/
      • Zebedee
          • Secure TCP Tunnel software
          • http://www.winton.org.uk/zebedee/
  • Delphi application used as a coordinator.
      • Starts and confirms servers
      • Provides simple tools

4
Free VNC
  • Used alone
      • No encryption
      • Could be picked up by anyone on the Internet with
        a VNC Viewer by calling port 5900
      • Password authentication only
  • Suggested configuration with Zebedee
      • Encrypted.
      • Accepts only local (127.0.0.1) calls.
      • Port 5900 should be blocked at firewalls
      • Only activated when required; remove service
        mode
  • Possible improvements
      • Warn when service mode is present
      • Change port used from 5900
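
One way the wrapper could confirm that VNC "accepts only local (127.0.0.1) calls" is to capture the text of "netstat -an" the same way the deck captures IPConfig output, then look for a listener on port 5900 bound to anything other than loopback. The program below is an added example, not code from the presentation; ExposedVncListeners and Sample are hypothetical names, and it assumes English-language netstat output.

```delphi
program CheckVncListener;
{$APPTYPE CONSOLE}
uses SysUtils, Classes;
const
  VncPort = '5900'; // port named on the slide; adjust if VNC has been moved
  // Constructed sample of English-language "netstat -an" output
  Sample =
    '  Proto  Local Address      Foreign Address    State'#13#10 +
    '  TCP    0.0.0.0:5900       0.0.0.0:0          LISTENING'#13#10 +
    '  TCP    192.168.0.23:1042  203.0.113.5:80     ESTABLISHED'#13#10;

// Returns the non-loopback addresses with a TCP listener on VncPort.
function ExposedVncListeners(const NetstatText: string): TStringList;
var
  Lines, Cols: TStringList;
  I, P: Integer;
  Addr: string;
begin
  Result := TStringList.Create; // caller frees
  Lines := TStringList.Create;
  Cols := TStringList.Create;
  try
    Lines.Text := NetstatText;
    for I := 0 to Lines.Count - 1 do
    begin
      Cols.Clear; // columns: Proto, Local Address, Foreign Address, State
      ExtractStrings([' ', #9], [' ', #9], PChar(Lines[I]), Cols);
      if (Cols.Count < 4) or (Cols[0] <> 'TCP') or (Cols[3] <> 'LISTENING') then
        Continue;
      P := LastDelimiter(':', Cols[1]); // last colon, so [::]:5900 parses too
      Addr := Copy(Cols[1], 1, P - 1);
      if (Copy(Cols[1], P + 1, MaxInt) = VncPort) and
         (Addr <> '127.0.0.1') and (Addr <> '[::1]') then
        Result.Add(Addr);
    end;
  finally
    Lines.Free; Cols.Free;
  end;
end;

var
  Bad: TStringList;
begin
  Bad := ExposedVncListeners(Sample);
  if Bad.Count = 0 then
    Writeln('VNC is accepting local (127.0.0.1) calls only')
  else
    Writeln('WARNING: VNC port ', VncPort, ' is listening on ', Bad.CommaText);
  Bad.Free;
end.
```

With the constructed sample the listener on 0.0.0.0 is reported, which is the "used alone" exposure described on this slide.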

5
Zebedee
  • An encrypted tunnel with compression
  • Can provide authentication
  • Can enable reverse call
  • Only Zebedee port need be exposed through firewall

[Diagram: Internet; VNC alone; zbd, zbd; Zebedee Tunnel]

6
Zebedee
  • Out of the box
      • Sample configuration files, including one for VNC
      • Typically execute client or server
        configuration file
      • No filtering of permitted calls
      • No authentication
      • Establish call by redirecting calling application
        to local Zebedee client port.
  • Suggested Configuration
      • Coded in the server and client configuration
        files.
      • Can be extended on the command line.
      • Make use of Zebedee public/private key
        authentication
      • Carefully manage server filters to limit
        permitted calls
      • Change port numbers
      • Use reverse mode

7
Putting it all Together
  • Wrapper programs attempt to ease the installation
    of the remote service and troubleshoot both
    before and after connection is established.
      • Confirms connection to net and discovers network
        side IP address of machine
      • Confirms VNC and Zebedee executables are
        installed
      • If not, installs them from delivery files
      • Starts programs and confirms servers are
        operating
      • Basic status diagnostics
      • Facilitates viewing of configuration and log
        files
      • Anything else we think might be useful
  • Single Inno Setup install of all required files
    from URL
      • http://www.innovasolutions.com.au/test/RmtSprt.html
  • I think we need to deliver 3rd party installs as
    is
      • including undesirable configuration files

8
Hardware Firewall
  • Best form of Firewall

[Diagram: Protected LAN; Internet; addresses 192.168.0.23-26, 192.168.0.1, 34.23.26.2, 168.3.23.88]
  • Controls access from Internet with clear rules
  • PCs are connected to safe local area
    network. They can share files etc., contact LAN
    servers and do not need firewall software
  • Corporate firewalls, typically running on dedicated
    boxes, will also control outgoing calls

9
Hardware Firewalls
  • The simple router based firewall generally
    requires no rules for a customer call home
    implementation.
  • At the Support Center the incoming ports have to
    be forwarded to the specific server
  • Could use broadcast I think
  • Should use specific server
  • Generally requires fixed IP address on the LAN

12
Software Firewall
  • A software program which intercepts calls to the
    IP stack to impose its rules.
  • Essential when connected to a public LAN or dial
    up.
  • Otherwise I am not a fan of these firewalls
  • They are a major cause of network problems
  • They are generally configured via an uninformed
    click
  • They can manage installed software trying to
    initiate calls.

13
Software Firewalls
  • Firewall rules must be configured on a per
    connection basis

[Diagram: Internet: deny incoming, call anywhere (if authorised). Intranet: share directories, share printers, share databases. Connection types: Café Wireless, Wireless, Dial Up, Ethernet, Hotel Ethernet]

14
Database Via Zebedee
  • Configuration file at server needs to allow
    access to the Db Server port number
      • target MyDbServer:3050
  • Configuration file at client end needs to forward
    a specified port to the Db Server
      • tunnel 1020:192.168.0.76:3050
      • MyDbServer fails here on version 2.4.1 as
        resolved locally
  • The database client needs to be directed to that
    client port
      • Firebird can be specified by port no
          • Localhost/1020
      • Interbase needs an entry in services
          • Localhost/gds_zebedee
          • Add gds_zebedee to C:\WINDOWS\system32\drivers\etc\Services

15
Look at Delphi Code: Process Control
  • Starting Process

      FZebedeeProc := LaunchProcessAndReturnHandle(Cmd, FZebedeeTmpFile);

      // >>>>>>> inside LaunchProcessAndReturnHandle
      if StdOut > 0 then // where StdOut = FZebedeeTmpFile.Handle - Inheritable
      begin
        // send the child's output and errors to the temporary file
        SI.hStdOutput := StdOut;
        SI.hStdError := StdOut;
      end;
      if not CreateProcess(nil, PChar(Cmd), nil, nil, True,
        CreateFlag, nil, nil, SI, PI) then
        raise ..
      CloseHandle(PI.hThread); // thread handle is not needed
      Proc := PI.hProcess;     // keep the process handle for later control

  • Terminating Process

      TerminateProcess(FZebedeeProc, 8); // >>>>>> ExitProcess?????
      CloseHandle(FZebedeeProc);
      FZebedeeProc := 0;

16
Look at Delphi Code: Viewing Config and Log Files

    function ViewFileInNotePad(const ALogFileName: string): Boolean;
    var
      SystemRootDir: string;
      NotePad: string;
    begin
      Result := false;
      if FileExists(ALogFileName) then
      begin
        // use the Notepad under %SystemRoot% rather than searching the path
        SystemRootDir := GetEnvironmentVariable('SystemRoot');
        NotePad := ConcatToFullFileName(SystemRootDir, '\system32\notepad.exe');
        Result := CreateProcessAndWait(NotePad + ' "' + ALogFileName + '"',
          0, SW_Normal, '', '') > 0;
      end;
    end;

17
Look at Delphi Code: Dos Commands
Example: Do IPConfig (ACmd = IPConfig)

    TmpFile := TTemporyFile.Create;
    try
      // run the command with its output redirected to the temporary file
      Return := CreateProcessAndWait(ACmd, 30000, SW_SHOW,
        '', '', true, 0, TmpFile.Handle);
      if Return = 0 then
        ViewFileInNotePad(TmpFile.Filename)
      else
        raise Exception.Create('Command <' + ACmd + '> Failed ' +
          WindowsErrorString(0));
      Sleep(1000);
    finally
      TmpFile.Free;
    end;

18
Look at Delphi Code: Query or Probe A Port
In A Thread

    {>>} FSocket.Open; // where FSocket is a TClientSocket
    if FSocket.Active {Connected} then
    begin
      if not (FSocket.Socket.SendText(FQuery) = Length(FQuery)) then
        FError := 'Could not Send All Data';
      // a probe only tests that the port answers; a query reads the reply
      if FSocket.Active {Connected} and not FProbe then
        FResponse := FSocket.Socket.ReceiveText;
    end
    else
      FError := 'Failed to Connect to ' + FHost + ':' + IntToStr(FSocket.Port);
    FIpWait.SetEvent;
    Suspend;
    {<<} FSocket.Close;

19
Thank You