On Tue, 02 Jan 2001 13:18:48 -0500 (EST), Charles Galpin
<[EMAIL PROTECTED]> wrote:
Why? Just plain laziness. I put my firewall script together from bits and pieces I
stole from here and there, plus a few of my own customizations.
I just never bothered to change the part of the script that walls off X (since it does
it's job, and there's no reason for anyone to connect to this machine at port 5999
anyway).
__
Larry Grover, PhD
Assoc Prof of Physiology
Marshall Univ Sch of Med
> just curious why you use 5999:6003. I thought they started at 6000 (that's
> what I'm using anyway)
>
> thanks
> charles
> On Tue, 2 Jan 2001, Larry Grover wrote:
>
>> On Tue, 02 Jan 2001 10:27:54 -0500, John Aldrich <[EMAIL PROTECTED]> wrote:
>> >
>> > How do I close the "X" port to the outside world? A buddy of mine
>> > (actually one of my co-workers who's job is security <G>) scanned my
>> > machine for me and saw that the "X" port is open.... I'm running RH
>> > 6.2 and that's about the only thing open to the outside world...
>> > Thanks...
>> > John
>>
>>
>> This is what I use:
>>
>> # X Displays :0-:2-
>> $IPCHAINS -A input -l -p tcp -s $REMOTENET -d $LOCALNET 5999:6003 -j DENY
>> $IPCHAINS -A input -l -p udp -s $REMOTENET -d $LOCALNET 5999:6003 -j DENY
>> echo -n "."
>>
>> # X Font Server :0-:2-
>> $IPCHAINS -A input -l -p tcp -s $REMOTENET -d $LOCALNET 7100 -j DENY
>> $IPCHAINS -A input -l -p udp -s $REMOTENET -d $LOCALNET 7100 -j DENY
>> echo -n "."
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list