Darryl,
One of the first things that need to be done to secure a box is to
block all un-needed ports. If you will never need to run an ftp server for
example, dont run the daemon.
The X server typically listens at port 6000 for client
connections. Blocking this port is as simple as not running an X server.
If you are running xdm (which provides an X login prompt at boot up),
switch to a command line login (for which you need to change the default
runlevel - see man inittab).
If, on the other hand, you do need to run X clients, enforce
security. The first approximation to this is an xhost (see man xhost)
based security. This not really very secure. The preferred security
mechanism is xauth - and chances are you distribution already uses it. If
you are using an xterm, and you 'su' to a user other than the one which
started up the X session, and execute an X client (xclock, netscape, etc),
a message having to do with MIT-MAGIC cookies indicates xauth based
authentication.
If you are really, really interested in securing your box, I would
suggest you start reading all security related materials and BUGTRAQ.
There are plenty of linux and security oriented webpages out there. The
linux-net mailing list would also be more suitable, because that is where
the experts hang out.
Regards,
Kenneth
On Sun, 30 Jan 2000, 1stFlight ! wrote:
> I did a self port scan and it revealed that I have an X port running.
> My question is ...where do I go to make sure this service isn't being
> broadcast? Thanks!
>
