Okay, I use gdm for my login and I've found no way to turn off port 6000 or, in
this case, make it not listen on that port. I'm using Xauth security (Redhat
6.0), but is that enough to guarantee only authorized access on that port?
Thanks.

Kenneth Stephen wrote:

> Darryl,
>
>         One of the first things that need to be done to secure a box is to
> block all un-needed ports. If you will never need to run an ftp server for
> example, don't run the daemon.
>
>         The X server typically listens at port 6000 for client
> connections. Blocking this port is as simple as not running an X server.
> If you are running xdm (which provides an X login prompt at boot up),
> switch to a command line login (for which you need to change the default
> runlevel - see man inittab).
>
>         If, on the other hand, you do need to run X clients, enforce
> security. The first approximation to this is an xhost (see man xhost)
> based security. This is not really very secure. The preferred security
> mechanism is xauth - and chances are your distribution already uses it. If
> you are using an xterm, and you 'su' to a user other than the one which
> started up the X session, and execute an X client (xclock, netscape, etc),
> a message having to do with MIT-MAGIC cookies indicates xauth based
> authentication.
>
>         If you are really, really interested in securing your box, I would
> suggest you start reading all security related materials and BUGTRAQ.
> There are plenty of linux and security oriented webpages out there. The
> linux-net mailing list would also be more suitable, because that is where
> the experts hang out.
>
> Regards,
> Kenneth
>
> On Sun, 30 Jan 2000, 1stFlight ! wrote:
>
> >  I did a self port scan and it revealed that I have an X port running.
> > My question is ...where do I go to make sure this service isn't being
> > broadcast? Thanks!
> >
>
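
An added example, not part of either message: a small audit of the two things this thread discusses, namely which X displays accept TCP connections (display :N listens on port 6000+N) and whether xhost host-based access control has been switched off. The function names and the sample netstat lines are constructed for illustration; on a live system, pipe in `netstat -ltn` and `xhost`.

```shell
#!/bin/sh
# Added example. Sample data below is constructed, not captured.

# Read `netstat -ltn` (or `ss -ltn`) output on stdin and print one line per
# listening X display: ":<display> <scope> <local address>".
# Displays 0-63 (TCP 6000-6063) are checked.
x_tcp_listeners() {
    awk '/LISTEN/ {
        for (i = 1; i <= NF; i++) if ($i ~ /:[0-9]+$/) {
            host = $i; sub(/:[0-9]+$/, "", host)
            port = $i; sub(/.*:/, "", port); port += 0   # force numeric compare
            if (port >= 6000 && port <= 6063) {
                local = (host ~ /^127\./ || host == "::1" || host == "[::1]")
                printf ":%d %s %s\n", port - 6000, (local ? "loopback" : "network"), $i
            }
            break   # first addr:port field is the local address
        }
    }'
}

# Read `xhost` output on stdin; exit 0 if access control is disabled,
# i.e. any host may connect without presenting an xauth cookie.
xhost_is_open() {
    grep -q '^access control disabled'
}

# Constructed sample: sshd, an X server on :0 bound to all interfaces,
# a loopback-only listener on :10, and an unrelated high port.
SAMPLE_NETSTAT='tcp        0      0 0.0.0.0:22        0.0.0.0:*   LISTEN
tcp        0      0 0.0.0.0:6000      0.0.0.0:*   LISTEN
tcp        0      0 127.0.0.1:6010    0.0.0.0:*   LISTEN
tcp        0      0 0.0.0.0:60000     0.0.0.0:*   LISTEN'

echo "X displays reachable over TCP (sample data):"
printf '%s\n' "$SAMPLE_NETSTAT" | x_tcp_listeners

if printf 'access control disabled, clients can connect from any host\n' | xhost_is_open
then
    echo "xhost: access control is OFF (sample data)"
fi
```

A "network" line means the display is reachable from other hosts, so access then rests on the xauth cookie and on a firewall rule for that port.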
