From owner-freebsd-questions Thu Feb 21 16: 1:23 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mired.org (dsl-64-192-6-133.telocity.com [64.192.6.133]) by hub.freebsd.org (Postfix) with SMTP id 9A3E237B402 for ; Thu, 21 Feb 2002 16:01:19 -0800 (PST) Received: (qmail 72727 invoked by uid 100); 22 Feb 2002 00:01:18 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15477.35406.375828.941200@guru.mired.org> Date: Thu, 21 Feb 2002 18:01:18 -0600 To: "Scott M. Nolde" Cc: questions@freebsd.org, Manuel.Hendel@easygolucky.de Subject: Re: securing open ports 515(printer) and 6000(X11)?? In-Reply-To: <88411587@toto.iv> X-Mailer: VM 6.90 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ From: "Mike Meyer" X-Delivery-Agent: TMDA/0.46 (Python 2.2; freebsd-4.5-STABLE-i386) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Scott M. Nolde types: > Perhaps if you export DISPLAY=localhost:0.0 then X will only listed to it > on the localhost interface. Nope. The correct answer "-nolisten tcp" has already been given. That flag needs to be passed to the server. If it is, then you can't connect to localhost:0.0, but only to :0.0. For xdm - which is what I believe Manuel is using - the file /usr/X11R6/lib/X11/xdm/Xservers needs to be changed to start X with this line: :0 local /usr/X11R6/bin/X -nolisten tcp I haven't tested it, as I don't use XDM, but it ought to work. http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message