X-Windows installed on hardenend DMZ host

Discussion in 'Computer Security' started by Robin Huiser, Oct 8, 2004.

  1. Robin Huiser

    Robin Huiser Guest

    Hi all,

    (I trust this is ok in this group - If not pls could anyone point to a
    more appropriate one, pls).

    Does anyone know where to find more information about security risks /
    issues having X-Windows libs + apps installed (but not running) on a DMZ
    box?

    Thanks in advance,

    Robin
     
    Robin Huiser, Oct 8, 2004
    #1
    1. Advertising

  2. Robin Huiser

    donnie Guest

    On Fri, 08 Oct 2004 12:21:13 +0200, Robin Huiser <>
    wrote:

    >Hi all,
    >
    >(I trust this is ok in this group - If not pls could anyone point to a
    >more appropriate one, pls).
    >
    >Does anyone know where to find more information about security risks /
    >issues having X-Windows libs + apps installed (but not running) on a DMZ
    >box?
    >
    >Thanks in advance,
    >
    >Robin

    #####################
    You didn't say what OS it is but as far as FreeBSD goes, remote X
    displays are disabled by default. That's the -listen_tcp option of
    the startx command. Also, if I remember correctly, X server runs on
    port 6000, which can be blocked.
    Soemthing comes to mind. Edit the xinitrc file where it says #start
    some nice programs. Delete what it says under that.
    donnie
     
    donnie, Oct 9, 2004
    #2
    1. Advertising

  3. Robin Huiser

    Robin Huiser Guest

    donnie wrote:

    > On Fri, 08 Oct 2004 12:21:13 +0200, Robin Huiser <>
    > wrote:
    >
    >
    >>Hi all,
    >>
    >>(I trust this is ok in this group - If not pls could anyone point to a
    >>more appropriate one, pls).
    >>
    >>Does anyone know where to find more information about security risks /
    >>issues having X-Windows libs + apps installed (but not running) on a DMZ
    >>box?
    >>
    >>Thanks in advance,
    >>
    >>Robin

    >
    > #####################
    > You didn't say what OS it is but as far as FreeBSD goes, remote X
    > displays are disabled by default. That's the -listen_tcp option of
    > the startx command. Also, if I remember correctly, X server runs on
    > port 6000, which can be blocked.
    > Soemthing comes to mind. Edit the xinitrc file where it says #start
    > some nice programs. Delete what it says under that.
    > donnie

    Thanks for the comment!!!

    The OS is AIX and my concerns are mainly what a hacker could do with the
    extra installed software and libs - there is no X server running during
    normal operation.
     
    Robin Huiser, Oct 21, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jonnah
    Replies:
    1
    Views:
    1,357
    mcaissie
    Apr 21, 2004
  2. JohnC
    Replies:
    9
    Views:
    923
    Walter Roberson
    Dec 7, 2004
  3. Network-Guy

    Cisco PIX DMZ to DMZ Access

    Network-Guy, Sep 23, 2005, in forum: Cisco
    Replies:
    7
    Views:
    3,974
    Walter Roberson
    Sep 25, 2005
  4. morten
    Replies:
    4
    Views:
    1,329
    Tilman Schmidt
    Sep 4, 2007
  5. Jack
    Replies:
    0
    Views:
    741
Loading...

Share This Page