i find myself breaking things far too often. maybe i’ve broken a lot more than i wanted to.

i’m a software engineer gone cyber security geek. i love to pentest, code, and break things… not in that order. i also game from time to time. stick around, you may like my content.


The Geek Bin

NoMachine: My review

I’ve been experimenting with NoMachine since yesterday to see how it holds up. So far it’s been a successful test on my local machine, and I can easily connect to remote machines.

Pros

Latency? What latency! Generally, you don’t notice much, if any, latency when using NoMachine, just like you’d expect from Remote Desktop Protocol, VNC, and even TeamViewer.

Full Control! I can fully control this machine and execute any commands I’d like without having to worry about getting the logged-in user to approve my actions. This is also configurable, which makes it even better!

Access VNC Desktops! I found out this morning that if you have a VNC server running and a desktop open (even if you’re not connected via VNC), NoMachine will show you the available desktops (0 or 1 or <n> desktops) when you open it. I selected 1, and it brought me to the VNC session desktop, so now I’m controlling my regular desktops plus the VNC session without having to open VNC anymore.

Cons

Font Rendering: The fonts appear a bit pixelated when scaling to 1920×1080, but seem to resolve themselves when you scale higher or lower (e.g. 800×600). I’ve tried with three different monitors, all 1920×1080, and one 4K monitor. This is consistent on 1920×1080p screens.

Desktop Application is required if you want to connect: In the future, it would be great if it had some compatible web-client, which would free up space on my machine if I primarily want to host, but occasionally want to connect to others.

Stability

I found this to be very stable compared to RDP or VNC. You have the same access, NoMachine prompts you for authentication on the local machine before you can log in, and its process is well documented for the user and the administrator. It’s enough for me that I’m going to be ditching TeamViewer in my lab environment and for remote debugging of customer machines, and using NoMachine with some SSH tunnels to avoid exposing it to the internet entirely.

Should you use NoMachine?

This would depend on your use case. For me, in my lab it is perfect, as I have a variety of machines (CentOS, Debian, Windows 10, Windows Server, etc.) that I need to connect to remotely. NoMachine lets me run their service and forget about it, and I can easily access it on all my devices without having to fiddle with display settings, proxying, etc. Here are a few use cases I can see NoMachine being practical in, aside from homelabs:

IT Support (Small-Medium Sized Business)

NoMachine would add value to supporting remote machines: the simplicity and always-available service allow the IT administrator to connect, debug, and exit. The user can also see every action that’s occurring at their desk, which helps provide transparency to users and assures them that their problem is fixed.

Managed Services Provider (MSP)

MSPs and IT Support are similar, but their use cases may vary. Being a small MSP myself, I can use NoMachine to connect to a few managed customers’ computers and debug their issue without needing them to come down to my office or me traveling there. The limitation is hardware issues; however, it’s much more cost-effective for both parties involved if you can debug software vs. hardware remotely, and then form a plan of action for the next steps.

Lab / Family

If you’re the resident Geek, you’ll likely need to give your family members help with their computers. NoMachine would be a great way to do that over LAN, allowing you to have all your tools on your machine, without having to drag the computer around with you.

Recommendations

Lastly, here are some recommendations for running NoMachine on services that are exposed to the internet:

  1. Block the NoMachine port at the firewall to the public internet
  2. Use a VPN (e.g. OpenVPN / WireGuard) to connect
  3. Set the firewall to allow authenticated VPN users to access NoMachine on devices
  4. Change the standard NoMachine port to a unique number for your network
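
One way to check a host against these recommendations, as an added example that is not part of the original post: it reads `ss -H -tln` output and reports which addresses the NoMachine port is listening on, so you can see where the firewall rules from steps 1 and 3 are the only protection. The port 4000 (NoMachine's default), the VPN subnet `10.8.0.0/24` and the sample `ss` lines are assumptions constructed for the example.

```python
import ipaddress

NX_PORT = 4000                                 # NoMachine default (assumption; use your port after step 4)
VPN_NET = ipaddress.ip_network("10.8.0.0/24")  # hypothetical VPN subnet

# Constructed sample of `ss -H -tln` output: State Recv-Q Send-Q Local Peer
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:4000 0.0.0.0:*
LISTEN 0 128 [::]:4000 [::]:*
LISTEN 0 128 10.8.0.5:4000 0.0.0.0:*
LISTEN 0 128 127.0.0.1:4000 0.0.0.0:*
LISTEN 0 128 192.0.2.10:4000 0.0.0.0:*
"""

def parse_local(field):
    """Split the 'Local Address:Port' column into (ip_address, port)."""
    host, _, port = field.rpartition(":")
    host = host.split("%")[0].strip("[]")      # drop %iface scope and IPv6 brackets
    if host == "*":                            # ss prints * for a dual-stack wildcard
        host = "::"
    return ipaddress.ip_address(host), int(port)

def classify(addr, vpn_net=VPN_NET):
    if addr.is_loopback:
        return "loopback"          # reachable only locally, e.g. through an SSH tunnel
    if addr in vpn_net:
        return "vpn"               # bound to the VPN address only
    if addr.is_unspecified:
        return "all-interfaces"    # firewall rules are the only protection
    return "other-interface"       # bound to a specific non-VPN address

def audit(ss_output, port=NX_PORT, vpn_net=VPN_NET):
    """Return (local address, verdict) for every listener on the given port."""
    results = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, lport = parse_local(cols[3])
        if lport == port:
            results.append((cols[3], classify(addr, vpn_net)))
    return results

def needs_firewall(results):
    """Listeners that depend on firewall rules to stay off the public internet."""
    return [a for a, v in results if v in ("all-interfaces", "other-interface")]

if __name__ == "__main__":
    for local, verdict in audit(SAMPLE):
        print(f"{local:<20} {verdict}")
```

On a real host, pass the output of `ss -H -tln` to `audit()` instead of `SAMPLE`; anything returned by `needs_firewall()` should be covered by a rule that only admits VPN traffic.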

I hope you’ve enjoyed reading this post, feel free to give me a shout in the comments, would love to chat!
