Create your own VNC support package in 640Kb
Like a lot of people, a lot of my friends are computer-savvy - either they are in the field or have grown up with them and like using them. With that comes the expected responsibility, usually family or sometimes friends will say "My computers broken, come and fix it for me"
Assuming you are going to help them (one friend came up with the solution of telling people they need a new PC every single time or taking their PC home with them and never bothering to return it) carting yourself to your parents/family/friends every time they have an issue or question is not always convenient, so remote assistance (of course!) is the answer.
Now, there is a remote assistance built into XP. However, unless both sides are set up with uPnP routers, Windows XP, MSN messenger (and some luck) it can be troublesome.
With this in mind, we created a package at runPCrun using the popular and open source TightVNC. We've used it successfully for many years at runPCrun using reverse connections to get around the problem of NAT traversal and it's always worked very well.
I'm releasing a cut down version of the Inno Setup source we use to package it, along with simple instructions for you to follow to create your own support package.
It's a simple piece of scripting but it can be deployed quite effectively. Now I am aware there are things like UltraVNC Single Click (here is a good Lifehacker article on the subject), and it definitely has it's place and we use it ourselves. However two main limitations apply
- It can't be run as service, so no logoff/logon can be performed and Ctrl-Alt-Del is not supported.
- Other useful utilities aren't packaged with it
This package is created just once, which will create a setup program for people to be able to install and connect to you. This setup package can be sent via email (or linked via a website download) to anyone that needs your help.
Because it uses reverse connections, it will work through almost all NAT devices and firewalls, and is not dependent on Windows XP, MSN Messenger or anything else on their PC for it to work. It will work on Windows 98/98SE/Me/2000 as well as XP on both sides. (Even Linux/WINE) .
Of course any personal firewalls that ask for applications to be "allowed" out from the PC will need to be unblocked for this to work (as with any other application) These usually signal you at the time of install so shouldn't be any more of a problem than usual. Any hardware firewalls with "Deny" rules can affect it also but these are unlikely in a home environment.
Interested? Then lets build the package.
Making yourself available for connection
If you do not have a static IP address from your ISP then I recommend using a Dynamic DNS Provider. Dynamic DNS providers such as No-IP and DynDNS have worked very well for me in the past.
Some commercial routers support dynamic DNS from various providers out of the box also, so you don't have to run any programs or services on your PC. I know Netgear do this and some Linksys routers.
Once you have a DNS lookup for your routers IP, open port 5500 on your router and forward it to your PC. This is usually very simple but it is individual to each router so there are no step-by-step instructions here.
You should be able to leave it forwarding permanently without any problems, as no other services other than reverse VNC use it as far as I am aware.
Downloading the software you need
- Download and install the latest Inno Setup (it's free software)
- Install and leave "Associate Inno Setup with the .iss file extension" checkbox ticked - this will come in useful a bit later.
- Now we will get the files to include in our package. Download and extract mysupport.zip OR if you wish to skip to the next section then you may download mysupportwithfiles.zip
- Get the remote support package - TightVNC by going to http://www.tightvnc.com/download.html
- Download the latest "Complete set of executables, no installer"
- Extract these files, and then place these 3 files into your source\vnc folder.
- WinVNC.exe
- VNCHooks.dll
- vncviewer.exe
You don't have to use TightVNC, UltraVNC works just as well with no changes. I am sure other flavours of VNC such as RealVNC should work also if this is your preference, the changes necessary should be minimal at best, however this is outside the scope of this article so I'll leave that for you to figure out.
Modifying the script to connect to you
Open "mysupport.iss" in InnoSetup. (you can double click on it if the file extension was ticked previously)
In the file there is a section stating
;***********THIS IS THE PART YOU MUST EDIT BELOW **********
Connect to Me
Name: "{group}\Get help"; Filename: "{app}\vnc\WinVNC.exe"; Parameters: "-connect mypc.dns.com"; WorkingDir: "{app}";
;"Connect to" on Desktop if desktop icon checkbox selected
Name: "{commondesktop}\Get help"; Filename: "{app}\vnc\WinVNC.exe"; Parameters: "-connect mypc.dns.com"; Tasks: desktopicon
;***********THIS IS THE PART YOU MUST EDIT ABOVE ************
You must edit the mypc.dns.com part to match the DNS of your broadband line or your IP if it is static and have no DNS assigned.
Under [Setup] at the start of the file there is variables like AppName, AppVerName, DefaultDirName etc. If you want you can customise the name of the setup and the resulting directory it is installed too
Once your editing is complete, press Build > Compile in InnoSetup and your resulting setup.exe will be sat in the Output folder. Here is the example compilation.
How to use it
- Have your Dynamic DNS program running (if necessary)
- Have the VNCViewer program running in "Listen" mode, preferably with 8-bit colour for the best performance. (you can make a shortcut with "vncviewer.exe" /8bit /listen if you want)
Now the next time your father/sister/uncle/girlfriend/grandmother needs your help,
- Tell them download the setup. You can send it via email or a web download link.
- Ask them to install it. Just double click the install and click "Next" until finished.
- If the PC pops up a firewall or antispyware warning, talk them through it. Windows XP SP2 will quite often ask if you want to "Block" VNC. In which case blocking is fine because we don't need inbound connections. If similar firewall software asks you what to do you may block inbound, but don't block outbound. VNC is sometimes identified as a "Potentially Unwanted Program". Of course any remote support program could be put to evil use so this identification is normal. If you want this to work then leave the "PUP" installed.
- Ask them click on the "Get Help" icon, and their screen pops up on yours.
No more mess, no fuss, no bother!
WARNING: This tutorial has used VNC without ANY encryption configured. It is possible that a "man in the middle" attack could be performed "sniffing" what you are doing and reconstructing any keypresses or details that you deal with whilst in the remote session. This tool is designed for troubleshooting purposes only. DO NOT log into secure networks such as banking websites etc whilst using this support tool! You have been warned!
So what else is in there?
Some useful extras in the "Diagnostics" sub-menu.
- Edit Hosts - Opens the hosts file in notepad.
- IP Config -Puts ipconfig /all up in a command box, useful if they have no connectivity.
- IP Renew - Does a ipconfig /renew
- Network Diagnostics - Shows the your current IP, and does various tests to diagnose network and Internet connectivity if you can't connect.
- Network Diagnostics (log) - In the cases of intermittent failure of network or Internet this does the above test but logs it quietly to a text file for later analysis.
- Reset TCPIP-log (log) - Resets TCP/IP stack using the netsh command.
- Restart Print Spooler - Stop/start printer spooler. Cures some common printer problems.
- Router web interface - Opens up the Default Gateway in the default browser. A lot of routers have web interfaces.
- System Restore - The standard Windows System Restore feature.
Plugging in extra software to cover more situations
There are other pieces of software worth plugging into the package. To have them there to be ready and waiting when disaster strikes is most useful. I've presented these two components as I deem them the most important, although there are many more that are worthy of inclusion.
Web browser
The first is a replacement web browser, Off By One Web Browser is perfect at 1.2Mb (~450kb compressed in our installer) in case the existing browser fails to function, especially in cases of malware/fraudware. A replacement browser waiting to download a fix is useful (I try not to assume that everyone has Mozilla Firefox / Opera or Chrome installed). Win32 wget could suffice, but not really as friendly.
- Go to http://offbyone.com/offbyone/
- and download the Off by One in ZIP (with or without SSL)
- Extract and place it in \source\diagnosis folder
- Remove the ; from the start of line 43 - changing
;Name: "{group}\Diagnostics\OB1 Browser"; Filename: "{app}\diagnosis\ob1.exe";
to
Name: "{group}\Diagnostics\OB1 Browser"; Filename: "{app}\diagnosis\ob1.exe";
Spyware removal and other startup programs removal
Secondly, HiJackThis - as well as being a general hijackers detector and remover, I find it is a quick way of seeing all the programs that run at startup, and be able to prune them as necessary.
- Download the latest HijackThis and place in \source\diagnosis folder.
- Remove the ; from the start of line 46 - changing
;Name: "{group}\Diagnostics\HijackThis"; Filename: "{app}\diagnosis\HijackThis.exe";
to
Name: "{group}\Diagnostics\HijackThis"; Filename: "{app}\diagnosis\HijackThis.exe";
Please note that since this article was written Trend Micros have bought HijackThis. Please refer to the current EULA if distributing commercially.
Of course if you want add more, you can add them to the diagnosis folder, and create the shortcuts in the Innosetup script similar to the ones already present.
Obviously there are also many,many more useful (and small) programs out there for PC repair and diagnosis that you can package up with this if you so wish. (See the 32Mb USB PC Repair Kit for a whole bunch) My aim here was to keep the package as small as possible and just show how easy it is to create this tool.
Removing the support package
Just remove as normal using the Control Panel > Add / Remove Files window.
So that's it. If anyone decides to add more tools, improve and make this remote support package much better then I would love to see the results, just comment here or send them in to support@runpcrun.com
Attachment | Size |
---|---|
mysupportwithfiles.zip | 446.58 KB |
mysupport.zip | 11.07 KB |
setupexample.exe | 638.95 KB |
Comments
Thank you for the tutorial
The default password is
We use this behind NAT's, or if they are that 1% of the population directly connected to the Internet, that they make sure Windows or their 3rd party firewall blocks incoming connections.
To change the password is quite easy. Simply change it on your machine to the password you would like (no more than 8 characters as TightVNC truncates it to 8) and then take the hex directly from the key in the registry.
and copy it into the relevant part of the script.
Re: Changing the default
Regarding the VNC icon. You
Good tutorial, but there is
Interesting site, I will
To change the icon, you have
I just created a little
(Logmeinfree) or (Hamachi +
Thanks for this package,
Very easily! If you and your
Very easily! If you and your brother are at the same location (behind the same router), you would do it like this (changing the name part to something sensible for you):-
;***********THIS IS THE PART YOU MUST EDIT BELOW **********
Connect to Me
Name: "{group}\Get help from me"; Filename: "{app}\vnc\WinVNC.exe"; Parameters: "-connect mypc.dns.com"; WorkingDir: "{app}";
Connect to Brother
Name: "{group}\Get help from brother"; Filename: "{app}\vnc\WinVNC.exe"; Parameters: "-connect mypc.dns.com:1"; WorkingDir: "{app}";
;"Connect to" on Desktop if desktop icon checkbox selected
Name: "{commondesktop}\Get help from me"; Filename: "{app}\vnc\WinVNC.exe"; Parameters: "-connect mypc.dns.com"; Tasks: desktopicon
Connect to Brother on Desktop if desktop icon checkbox selected
Name: "{commondesktop}\Get help from brother"; Filename: "{app}\vnc\WinVNC.exe"; Parameters: "-connect mypc.dns.com:1"; WorkingDir: "{app}";
;***********THIS IS THE PART YOU MUST EDIT ABOVE ************
Then create another port forward for port 5501 to your brothers PC on your router.
Lastly get his VNCviewer to listen on that port. Either by right clicking on it, going to "default connect options" > Globals Tab and change "Listening mode" "accept reverse VNC connections on TCP port" can change this to 5501.
(You can repeat this, incrementing the number after the parameter and changing the port forward and VNCviewer in each instance.)
If you are in different locations then you simply put in his (dynamic) DNS in there instead and ignore the different ports
Is there any way during the
I believe all you need to do
Very often it is only
As fully explained above,
I have been using this
Thank you for your comment.
Hello! I am a software
Oh! I didn't put any contact
Hi, Is there a way of
Is there a tutorial on how
Try searching for reverse
Try searching for reverse vnc connections on linux
I've been using a nice free
I've been using a nice free cross-platform VNC based tool for remote support: http://code.google.com/p/gitso/
Works fine for NAT2NAT connection, you just need to forward port 5500 on the router of the side that's is giving support.
This rocks! Followed the
This is great, I just can't
You'll need to provide a
You'll need to provide a little more information that that.
* Describe the symptoms of your problem carefully and clearly.
* Describe the environment in which it occurs
* Describe the research you did to try and understand the problem before you asked the question.
* Describe the diagnostic steps you took to try and pin down the problem yourself before you asked the question.
* If at all possible, provide a way to reproduce the problem in a controlled environment.
From How To Ask Questions The Smart Way