X security (was Re: nmap -sT and open ports from a friends)

To: debian-security@lists.debian.org
Subject: X security (was Re: nmap -sT and open ports from a friends)
From: Daniel Sterling <dan@lost-habit.com>
Date: Fri, 03 Feb 2006 18:33:30 -0500
Message-id: <[🔎] 43E3E84A.4040008@lost-habit.com>
In-reply-to: <[🔎] 43E3D6A8.9010409@ima.umn.edu>
References: <[🔎] 20060203220233.GA1450@marschmellow.homeunix.net> <[🔎] 43E3D6A8.9010409@ima.umn.edu>

X in Debian by default uses -nolisten tcp, why is it open?

Also, read the XSecurity man page-- just because the port is open doesnot mean it is accessible.

However, you should as a rule disable anything that listens to theinternet if you don't need it. You should also, if possible, usehost-based access control.

Adding a firewall will only help things, and it certainly can't hurt.Why not run one if you're unsure? Shorewall is a nice iptables front-end.

Reply to:

Follow-Ups:
- Re: X security (was Re: nmap -sT and open ports from a friends)
  - From: Steven Wheelwright <sjwheel@gmail.com>

References:
- nmap -sT and open ports from a friends
  - From: Mark-Walter@t-online.de
- Re: nmap -sT and open ports from a friends
  - From: Nate Sanders <nate@ima.umn.edu>

Prev by Date: Re: nmap -sT and open ports from a friends
Next by Date: Re: nmap -sT and open ports from a friends
Previous by thread: Re: nmap -sT and open ports from a friends
Next by thread: Re: X security (was Re: nmap -sT and open ports from a friends)
Index(es):
- Date
- Thread