How to tell who is connected via vnc to my machine?

networking process users vnc
22,594

On Linux,

ss sport = :5900

Would tell you the currently established TCP connections on port 5900.

For anything else, we'd need to know what VNC server you're using as there exist dozens.

If you know the name of the VNC server command,

lsof -ai tcp -c that-command

(as the user running the VNC server or as root) would also tell you the currently established TCP connections handled by that VNC server (in case it's not on port 5900).

Among the methods to close a TCP connection in the general case, there's:

  • tcpkill (from dsniff package) that fakes the TCP packets that would close a connection.
  • iptstate (Linux). If you're using a statefull firewall. You can remove the connection from the Linux connection tracker table (x in iptstate), which would usually cause newer packets to be ignored (if the firewall is configured to only accept new connections with TCP SYN). It wouldn't kill the connection, just make it inactive though.
  • Add firewall rules to reject further packets transmitted/received in that connection (on Linux, iptables with target "REJECT", matching on source and destination TCP ports and IP addresses in OUTPUT and INPUT filter chains)
  • attach gdb to the running vnc server and do call close(fd) where fd is the file descriptor for the corresponding socket (which you've found out with lsof) followed by detach (it may confuse the vnc server a lot those, calling shutdown instead of close may be safer).
Share:
22,594

Related videos on Youtube

lanes
Author by

lanes

Updated on September 18, 2022

Comments

  • lanes
    lanes over 1 year

    How do I check how many vnc connections or different users are currently connected to my machine? Only through wireshark? And how do I kill any other users connected through vnc?

  • AshMv
    AshMv over 11 years
    FYI, I needed to use sudo to run lsof to get output on my Raspberry Pi (Raspbian/Debian Linux).
  • Stéphane Chazelas
    Stéphane Chazelas over 11 years
    @HeatfanJohn. Yes a user can only see the information from the processes it owns. So you'd need to be root or the user running the vnc server.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Unable to connect through VNC
Take user name as input: if user is logged in, display running processes belonging to the user
TigerVNCViewer: unable to connect to socket: Connection Refused (10061)
VNC server doesn't start until login
Cannot Delete User
How to disable internet for a user on a system
Is it possible to store user's home directories remotely?
Remote desktop access between 2 Ubuntu 20.04 devices over the internet
How to control an Ubuntu PC from another Ubuntu PC over Internet, using mobile broadband connections?
How to find the running network services and the port and user