Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

uvnc.ini => AuthHosts-Entry not working!

Post Reply
testit
8
8
Posts: 9
Joined: 2009-07-11 22:59

uvnc.ini => AuthHosts-Entry not working!

Post by testit »

Hi,

running a UVNC 1.2.0.6 server I want to restrict access to that uvnc server so that only IPs beginning with

188.97
84.58
88.69

are allowed to connect to the uvnc server.

I added following line in uvnc.ini
AuthHosts=-:?188.97:?84.58:?88.69

and stopped and restarted the uvnc service.

Nevertheless all 1-2 minutes the default popup window for accepting/rejecting the request from outside shows up with an unknown IP number from China.

I thought that the line
AuthHosts=-:?188.97:?84.58:?88.69

stops those popups except from the IPs mentioned above (188.97:?84.58:?88.69)

Why does it not work correctly?

Thanks and best regards
testit
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: uvnc.ini => AuthHosts-Entry not working!

Post by Rudi De Vos »

AuthHosts=-:?188.97:?84.58:?88.69: end with a :
You have ? for your 3 ranges
and - for all other

The reaction depend on the QuerySetting parameter
Sample: If QuerySetting=0, then -=popup and ?=accept

QuerySetting
Define on how to react on the (-,?,+) from the Authhosts.
0="+:Accept, ?:Accept, -:Query"
1="+:Accept, ?:Accept, -:Reject"
2="+:Accept, ?:Query, -:Reject [Default]"
3="+:Query, ?:Query, -:Reject"
4="+:Query, ?:Reject, -:Reject"
testit
8
8
Posts: 9
Joined: 2009-07-11 22:59

Re: uvnc.ini => AuthHosts-Entry not working!

Post by testit »

Thanks for your reply!

But I still wonder what I am doing wrong?

QuerySetting is 2 in my uvnc.ini.

What I want is that only IP-Addresses from vodafone or beginning with
188.97
84.58
88.69

result in a query popup window on the machine where uvnc server is running on so that there the user can reject or accept the connection. ALL other IPs shall be blocked and not result in a query window what should be enabled by the "-" after AuthHosts=.

AuthHosts=-:?188.97:?84.58:?88.69

Can you please tell me what is wrong in the term mentioned above?
I still get requests and query windows by IPs from CHINA.

Thanks and best regards
testit
testit
8
8
Posts: 9
Joined: 2009-07-11 22:59

Re: uvnc.ini => AuthHosts-Entry not working!

Post by testit »

Hi,

can anyone please give me a hint what is wrong in my AuthHosts-term mentioned above?

Best regards
testit
User avatar
Rudi De Vos
Admin & Developer
Admin & Developer
Posts: 6832
Joined: 2004-04-23 10:21
Contact:

Re: uvnc.ini => AuthHosts-Entry not working!

Post by Rudi De Vos »

what er the hacker ip addresses
They are logged in mslogon.log

QuerySetting is 2
Only ip addresses that match the ? get a popup, so if the hacker ip addresses get a popup they are resolved as part of the
strings after ?

Please activate server logging it create winvnc.log
Do you see this lines, i try to access from the localhost, this is refuse
c:\users\rudi\desktop\ultravnc_953\winvnc\winvnc\vncserver.cpp : authhosts set to "-:?188.97:?84.58:?88.69"

c:\users\rudi\desktop\ultravnc_953\winvnc\winvnc\vsocket.cpp : VSocket() m_pDSMPlugin = NULL
c:\users\rudi\desktop\ultravnc_953\winvnc\winvnc\vncsockconnect.cpp : accepted connection from 127.0.0.1
...
c:\users\rudi\desktop\ultravnc_953\winvnc\winvnc\vncserver.cpp : client 127.0.0.1 verifiedHost 2 after adjustment
c:\users\rudi\desktop\ultravnc_953\winvnc\winvnc\vncserver.cpp : removing unauthorised client
authhosts set to "-:?188.97:?84.58:?88.69:?127.0"
c:\users\rudi\desktop\ultravnc_953\winvnc\winvnc\vncserver.cpp client 127.0.0.1 verifiedHost 1 prior to adjustment

The 1 indicate the strings was found as part of ther ? 127.0
The 2 indicate refused

What's the hackers ip string that's accepted for the popup ?
Post Reply