I don't know if this is considered safe, but when I entered ip of my server and screen :0 to vncviewer, I could connect to vnc remotely. This is good feature, but I would really like to disable any remote vnc access, or at least put it under password.
I feel really uncomfortable that anybody can start vnc session to my private cloud without any credentials.
I have a one node setup, and as far as I remember, one guy from irc channel complained that if some of the port will be forbidden by iptables, whole openstack stops working, or something like this. So I afraid to experiment with iptables.
Asking for your advice what's better resolution for firewalling single-node RDO setup, at least VNC firewalling would be extremely nice.