('binary' encoding is not supported, stored as-is) These are the players: Computer 1: Laptop running WinXP and fpipe. fpipe is listening on 1433 and forwarding to Computer 2 on 113. Computer 2: This host is in a DMZ and only ports 80 and 113 are allowed inbound. There are no restrictions in place on outbound traffic. It is running Windows NT4 SP6a server, IIS and fpipe. fpipe is listening on 113 and forwarding to Computer 3 on port 1433. Computer 3: This host is on the internal LAN. Only port 1433 is allowed in from the DMZ and only to this host (and only from Computer 2). There are no restrictions placed on traffic from the internal network to the DMZ or to the Internet. This is a Windows 2000 host running SQL 2000 (as local system). It is also running WinVNC. Computer 4: My laptop running MS SQL Enterprise Manager and MS SQL Query Analyzer. It is also running a netcat listener and the VNC client in listening mode. It is on the external interface of the firewall. The only host it can touch directly is Computer 2, and only on ports 80 and 113. Here is what is going on... I can sit at Computer 4, using fipe to route my traffic through Computer 1 and Computer 2, and get an active SQL session on Computer 3. That works like a charm. I can use the xp_cmdshell stored procedure to my heart's content. I can sit at Computer 3 and type at the command line to export a VNC server session to the listening VNC client on Computer 4. I can sit at Computer 3 and execute a batch file from the command line to do the same. I can do this whether the DOS window has been launched by an administrative account or by local system (using the AT command and the /interactive switch). I cannot export the session if I use AT to schedule the WinVNC command. The VNC sessions pile up in Task Manager on Computer 3, but they never connect to Computer 4. I cannot use xp_cmdshell and the SQL service to export the session, the same thing happens. I cannot export a VNC session if I use netcat to send a DOS command shell from Computer 3 to Computer 4 and then key the VNC command in the shell exported to Computer 4. Can someone please explain why I am having these problems getting WinVNC to export the session while I am using SQL, the AT command, and a netcat sent shell? More importantly, can someone please tell me how to get the WinVNC session to export? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Oct 07 2002 - 10:58:46 PDT