Comments (8)
Hi James. You are correct. I misread your statement about the firewall ::shame:: I saw your statement 'you can also just not allow TCP port 5900' and didn't see the default setting part. Thanks for the script and sorry about the unjustified freak-out.
from parsec-cloud-preparation-tool.
Without explanation too. I think it's safe to assume it's to hack into your server with root access.
from parsec-cloud-preparation-tool.
See Using The Parsec AMI On Amazon:
BACKUP - USE VNC
The Parsec AMI comes pre-installed with VNC for troubleshooting purposes. VNC runs with elevated privileges and is able to function in certain situations where Parsec cannot. VNC uses port TCP 5900, and has a default password of 4ubg9sde. Make sure to only allow connections to port 5900 from your IP, and change the default password immediately on login — please do these two things. It’s a major security risk if you don’t. [emphasis mine]
I agree that this important security info should also be included in the README here.
from parsec-cloud-preparation-tool.
Since all of the machines are server SKU, it seems like it'd be way better to enable RDP instead? Azure already does this by default, and it's way more sane than VNC
from parsec-cloud-preparation-tool.
Without explanation too. I think it's safe to assume it's to hack into your server with root access.
You're out of your mind.
The reason I enable VNC is because you need a secondary method for accessing the VM that doesn't protect the desktop. RDP protects the desktop while also creating a virtual desktop session and thus breaks Parsec.
You can change the password - you can also just not allow TCP port 5900 in the firewall - by default your AWS firewall doess not allow 5900...so there is no risk of unauthorized access unless you explicitly enable it. You can also set the firewall to only accept inbound connections from specific IP address', not 0.0.0.0 (all).
I agree that this important security info should also be included in the README here.
Happy to do so
from parsec-cloud-preparation-tool.
Hi James. Sorry that my tone upset you, but consider. You have a script that runs EC2 instance with full rights on other people's machines. It opens a connection that allows anyone complete access to the instance. Any reasonable person should make the assumption I did. Yes, you didn't intend to take over peoples machines, but anyone coming across this project can write a trivially simple scanner that can. The internet's a dangerous place and we need to make it as secure as possible. I think it's great you threw this script together, but one string of break-in attacks and we won't be able to use any more cool scripts like yours. Cheers.
from parsec-cloud-preparation-tool.
Hi James. Sorry that my tone upset you, but consider. You have a script that runs EC2 instance with full rights on other people's machines. It opens a connection that allows anyone complete access to the instance. Any reasonable person should make the assumption I did. Yes, you didn't intend to take over peoples machines, but anyone coming across this project can write a trivially simple scanner that can. The internet's a dangerous place and we need to make it as secure as possible. I think it's great you threw this script together, but one string of break-in attacks and we won't be able to use any more cool scripts like yours. Cheers.
VNC is not exposed to the internet unless you specificaly make changes to your AWS/Azure security group in order to allow port 5900 inbound. By default, VNC has no capability to connect to the internet.
I will document the install of VNC in the readme, along with its TCP port as well as a reminder to change the password and lock TCP 5900 down to a single IP address.
from parsec-cloud-preparation-tool.
A warning has been added to the readme.md
from parsec-cloud-preparation-tool.
Related Issues (20)
- Doesn't work on AWS HOT 1
- AccessDeniedAccess denied.Anonymous caller does not have storage.objects.list HOT 1
- Start-Process : This command cannot be run due to the error: The system cannot find the file specified. HOT 9
- Automatic shutdown triggered immediately at machine startup
- Warning "using software encoding" despite "NVIDIA TEST T4" driver HOT 1
- Exception calling "Replace" with "2" argument(s): "String cannot be of zero length.
- GPU Drivers not installing on Azure NCas_T4_v3 HOT 1
- Parsec GPU Cloud updater tool fails on Windows Server 2022 HOT 2
- Instance Profile IAM role does not work HOT 3
- parsec tested on aws g5 (nvidia a10g) HOT 6
- Access error to google cloud storage bucket for installing gpu driver HOT 6
- PC resolution is at 1920 x 1080 but for some reason upon loading a game it changes to 1366x768. HOT 1
- After running the script and trying to connect, Parsec gives error 15000 HOT 3
- Specify license
- Failed to setup at EC2 g4dn.xlarge HOT 4
- Parsec Failed to Connect Video Encoding -15000 HOT 2
- Anyone Having Trouble With Parsec an GPU do this
- Parsec works well on Aliyun gn7i (16c60g + A10) and Tencent Cloud GN7vw (16c64g + T4)
- Does the Cloud Prep Tool plan to support Window 10/11 desktop on cloud VM? HOT 1
- PostInstall lines 396/397: [System.Boolean] does not contain a method named 'trim'. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from parsec-cloud-preparation-tool.