X security (was Re: nmap -sT and open ports from a friends)
X in Debian by default uses -nolisten tcp, why is it open?
Also, read the XSecurity man page-- just because the port is open does
not mean it is accessible.
However, you should as a rule disable anything that listens to the
internet if you don't need it. You should also, if possible, use
host-based access control.
Adding a firewall will only help things, and it certainly can't hurt.
Why not run one if you're unsure? Shorewall is a nice iptables front-end.
Reply to: