From owner-freebsd-security Fri May 26 9: 2:46 2000 Delivered-To: freebsd-security@freebsd.org Received: from horizon.barak-online.net (horizon.barak.net.il [206.49.94.218]) by hub.freebsd.org (Postfix) with ESMTP id 3A97E37B55E for ; Fri, 26 May 2000 09:02:19 -0700 (PDT) (envelope-from bk532@iname.com) Received: from localhost.local.net (pop09-1-ras1-p166.barak.net.il [212.150.8.166]) by horizon.barak-online.net (8.9.3/8.9.1) with ESMTP id TAA07570; Fri, 26 May 2000 19:01:17 +0300 (IDT) Received: from iname.com (localhost.local.net [127.0.0.1]) by localhost.local.net (8.9.3/8.9.3) with ESMTP id LAA40578; Fri, 26 May 2000 11:41:17 +0300 (IDT) (envelope-from bk532@iname.com) Message-ID: <392E38AC.5A665E69@iname.com> Date: Fri, 26 May 2000 11:41:16 +0300 From: Boris Karnaukh Organization: Private person X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.4-STABLE i386) X-Accept-Language: en, ru MIME-Version: 1.0 To: BD Cc: freebsd-security@FreeBSD.ORG Subject: Re: Web Server and Xwindows References: Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org BD wrote: > > I've never used or installed IPSEC although I'm aware that is part of > 4.0(?). Since I will only use X localy is this still necessary? I had > planned to use ipfw to block X at the interface. I am completly ignorant > when it comes to securing X (that's why I've never used it before). > You can simply run X server with -nolisten tcp option. For example: startx -- -nolisten tcp All your X servers will use for communication unix sockets but not tcp. -- Boris Karnaukh (mailto:bk532@iname.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message