[TriLUG] preventing X from opening port 6000?
Geoff Purdy
geoff.purdy at verizon.net
Wed Mar 13 10:33:21 EST 2002
The discussion of probing ssh ports brought to mind an X11 issue I've been
trying to sort out recently. A brief background for my question: I have a
single RHL7.2 system connected directly to a DSL modem (i.e. no firewall /
router). However, I think I've locked down reasonably well. nmap shows the
following (when running X):
$ nmap -p 1- localhost
Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
Interesting ports on localhost.localdomain (127.0.0.1):
(The 65527 ports scanned but not shown below are in state: closed)
Port State Service
6000/tcp open X11
Two questions:
a) What is the level of risk of my system being compromised through port
6000 while running the X11 service?
b) I believe that if I boot into runlevel 3, I can run 'startx -nolisten
tcp' to prevent X from opening port 6000. How can I configure the system to
use the '-nolisten tcp' option when booting directly into X (runlevel 5).
Thanks .
More information about the TriLUG
mailing list