I think one major reason other OSes have done '-nolisten tcp' by
default is to encourage people to use X11 forwarding via ssh instead
of xhost/etc, as the xhost way transmits in cleartext. Of course it
can be argued that the user should be left to decide that themselves,
so there's two sides to ev
The blind leading the blind
On Mon, 29 Aug 2005, Han Boetes wrote:
Bollocks.
Show me your exploit or shut up.
Vladislav Belogrudov wrote:
It reminds me approach
"we won't fix it because nobody reported a problem".
I think this is not obsd case and this is what
make difference between obsd a
Yeah because unknown exploits dont exist...
On Mon, 29 Aug 2005, Han Boetes wrote:
Vladislav Belogrudov wrote:
I thought it would make sence for most secure OS.
One port less listening the World.
It's not a security problem to have an open port. It's a security problem to
have a bad server l
On Mon, 29 Aug 2005 11:32:16 +0200, Han Boetes <[EMAIL PROTECTED]>
wrote:
>And since nobody knows about a problem with the X server, not even the people
>who have very deep knowledge about X and about security you can safely assume
>it's OK to have that port open by default.
Han,
Though I tend t
> I thought it would make sence for most secure OS.
> One port less listening the World.
That's not security.
On Mon, 29 Aug 2005 16:01:34 +0200
Han Boetes <[EMAIL PROTECTED]> wrote:
> Bollocks.
>
> Show me your exploit or shut up.
>
>
> Vladislav Belogrudov wrote:
> > It reminds me approach
> > "we won't fix it because nobody reported a problem".
> > I think this is not obsd case and this is what
> >
Bollocks.
Show me your exploit or shut up.
Vladislav Belogrudov wrote:
> It reminds me approach
> "we won't fix it because nobody reported a problem".
> I think this is not obsd case and this is what
> make difference between obsd and commercial unix.
>
> PS. X11 is not a secure thing you can tr
On 8/29/05, Miroslav Kubik <[EMAIL PROTECTED]> wrote:
> In my opinion, it is better to have it disabled as default.
This is something that has been beaten to death. You'll want to see
the archives and/or the CVS commits such as referred to in this
message [1]. In short: if you don't like X11 at po
:
Sent: Monday, August 29, 2005 11:32 AM
Subject: Re: Shouldn't OpenBSD X11 come out with "-nolisten tcp" as default?
Vladislav Belogrudov wrote:
> I thought it would make sence for most secure OS.
> One port less listening the World.
It's not a security problem
Miroslav Kubik wrote:
> Han wrote:
> > Vladislav Belogrudov wrote:
> > > I thought it would make sence for most secure OS. One port
> > > less listening the World.
> >
> > It's not a security problem to have an open port. It's a
> > security problem to have a bad server listening to an
> > open por
It reminds me approach
"we won't fix it because nobody reported a problem".
I think this is not obsd case and this is what
make difference between obsd and commercial unix.
PS. X11 is not a secure thing you can trust that easy
;)
--- Han Boetes <[EMAIL PROTECTED]> wrote:
> Vladislav Belogrudov
On Mon, 29 Aug 2005 11:53:37 +0200
"Miroslav Kubik" <[EMAIL PROTECTED]> wrote:
> In my opinion, it is better to have it disabled as default. Nothing is
> without bugs. So if we want most secure OS we should disable this function.
> If you need it. Enable it.
Where are the patches to the relevan
9, 2005 11:32 AM
Subject: Re: Shouldn't OpenBSD X11 come out with "-nolisten tcp" as default?
Vladislav Belogrudov wrote:
> I thought it would make sence for most secure OS.
> One port less listening the World.
It's not a security problem to have an open port. It's a sec
Vladislav Belogrudov wrote:
> I thought it would make sence for most secure OS.
> One port less listening the World.
It's not a security problem to have an open port. It's a security problem to
have a bad server listening to an open port.
And since nobody knows about a problem with the X server,
you can do everything with "-nolisten tcp" :)
e.g. X11 forwarding via ssh
BTW: most linux net oriented distros
with security in mind have it as default.
--- black reaper <[EMAIL PROTECTED]> wrote:
> On 8/29/05, Vladislav Belogrudov
> <[EMAIL PROTECTED]> wrote:
> >
> > I thought it would make
Black reaper,
Thats the dumbest reply I've read till date...
~Mayuresh
On 8/29/05, black reaper <[EMAIL PROTECTED]> wrote:
> On 8/29/05, Vladislav Belogrudov <[EMAIL PROTECTED]> wrote:
> >
> > I thought it would make sence for most secure OS.
> > One port less listening the World.
> >
> > Well,
I concur...
On 8/29/05, Vladislav Belogrudov <[EMAIL PROTECTED]> wrote:
> I thought it would make sence for most secure OS.
> One port less listening the World.
On 8/29/05, Vladislav Belogrudov <[EMAIL PROTECTED]> wrote:
>
> I thought it would make sence for most secure OS.
> One port less listening the World.
>
>
>
>
> Start your day with Yahoo! - make it your home page
> http://www.yahoo.com/r/hs
>
> W
I thought it would make sence for most secure OS.
One port less listening the World.
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
19 matches
Mail list logo