open port x11

open port x11

Post by Koen Verbek » Wed, 15 Mar 2000 04:00:00



Hi

When I run nmap and I'm running X, I see of course X11 standing in the
list. My ports are open though.
Is there any way to make the X11 server invisible to outside the LAN or,
if it has to be that way, outside the machine?

TIA,
        - Koen

,---------------------------------------------,

|      http://home.freegates.be/koen-yalp     |
`---------------------------------------------'

 
 
 

open port x11

Post by Anthony Schlemme » Thu, 16 Mar 2000 04:00:00


Block all network traffic from external systems that attempt to connect to
ports in the range of 6000-6063 on your system.


> Hi
> When I run nmap and I'm running X, I see of course X11 standing in the
> list. My ports are open though.
> Is there any way to make the X11 server invisible to outside the LAN or,
> if it has to be that way, outside the machine?
> TIA,
>    - Koen
> ,---------------------------------------------,

> |      http://home.freegates.be/koen-yalp     |
> `---------------------------------------------'

--
Anthony Schlemmer


 
 
 

open port x11

Post by Koen Verbek » Thu, 16 Mar 2000 04:00:00


Thanks!


> Block all network traffic from external systems that attempt to connect to
> ports in the range of 6000-6063 on your system.


> > Hi

> > When I run nmap and I'm running X, I see of course X11 standing in the
> > list. My ports are open though.
> > Is there any way to make the X11 server invisible to outside the LAN or,
> > if it has to be that way, outside the machine?

> > TIA,
> >       - Koen

> > ,---------------------------------------------,

> > |      http://home.freegates.be/koen-yalp     |
> > `---------------------------------------------'

> --
> Anthony Schlemmer


,---------------------------------------------,

|      http://home.freegates.be/koen-yalp     |
`---------------------------------------------'
 
 
 

open port x11

Post by $kr1p7_k1.. » Thu, 16 Mar 2000 04:00:00



> Block all network traffic from external systems that attempt to connect to
> ports in the range of 6000-6063 on your system.

And do yourself a favor, and block them outgoing as well.

--
............................................................................

"...Take the Anti-Defamation League [of B'nai B'rith]... It's actually an
 organization devoted to trying to defame and intimidate and silence people
 who criticize current Israeli policies, whatever they may be."

                                     -Noam Chomsky, Language and Politics
 ............................................................................

 
 
 

open port x11

Post by Koen Verbek » Fri, 17 Mar 2000 04:00:00




> > Block all network traffic from external systems that attempt to connect to
> > ports in the range of 6000-6063 on your system.

> And do yourself a favor, and block them outgoing as well.

Err, in  /etc/services ? I can't seem to find it... Is that huge list in
the services file normal or should I delete all of the not-needed
services?
I want to set up a firewall but don't really know whether it'll do much
good: it won't run on a seperate machine. I've only got two computers and
I need them both.

,---------------------------------------------,

|      http://home.freegates.be/koen-yalp     |
`---------------------------------------------'

 
 
 

open port x11

Post by Anthony Schlemme » Fri, 17 Mar 2000 04:00:00





>> > Block all network traffic from external systems that attempt to connect to
>> > ports in the range of 6000-6063 on your system.

>> And do yourself a favor, and block them outgoing as well.
> Err, in  /etc/services ? I can't seem to find it... Is that huge list in
> the services file normal or should I delete all of the not-needed
> services?

You don't need to delete anything from the /etc/services file. Some programs
us that file so they can map a port number to the name of the service I
believe. It's inetd that handles starting the services. Look in the
/etc/inetd.conf file and comment out any services that you don't need to have
running. Then do a "kill -HUP <inetd_pid>" where <inetd_pid> is the process ID
for your running inetd. This cause inetd to reread its configuration file and
it will terminate any services that you commented out and only leaving the ones
you want running.

Quote:> I want to set up a firewall but don't really know whether it'll do much
> good: it won't run on a separate machine. I've only got two computers and
> I need them both.

If you have a machine with running services on it you want a firewall setup. A
firewall doesn't need to be a stand alone machine but since you'll be
running alot more stuff than what a dedicated firewall would run you need
to make sure your firewall is setup to block access to the running
services on the box you don't want outside systems trying to connect with.

> ,---------------------------------------------,

> |      http://home.freegates.be/koen-yalp     |
> `---------------------------------------------'

Tony

--
Anthony Schlemmer

 
 
 

open port x11

Post by Koen Verbek » Sat, 18 Mar 2000 04:00:00



> /etc/inetd.conf file and comment out any services that you don't need to have
> running. Then do a "kill -HUP <inetd_pid>" where <inetd_pid> is the process ID
> for your running inetd. This cause inetd to reread its configuration file and
> it will terminate any services that you commented out and only leaving the ones
> you want running.

Everything in there has been hashed out quit a while ago. Some services
are still visible via nmap though... I'll look into firewalling now.

Quote:> If you have a machine with running services on it you want a firewall setup. A
> firewall doesn't need to be a stand alone machine but since you'll be
> running alot more stuff than what a dedicated firewall would run you need
> to make sure your firewall is setup to block access to the running
> services on the box you don't want outside systems trying to connect with.

Right. I'll be working on it tonight ;-)

,---------------------------------------------,

|      http://home.freegates.be/koen-yalp     |
`---------------------------------------------'

 
 
 

open port x11

Post by James Szinge » Fri, 24 Mar 2000 04:00:00



> Hi

> When I run nmap and I'm running X, I see of course X11 standing in the
> list. My ports are open though.
> Is there any way to make the X11 server invisible to outside the LAN or,
> if it has to be that way, outside the machine?

> TIA,
>    - Koen

XFree86 can be started with the '-nolisten tcp' flag to disable tcp
completely.

--

ITS Academic Media & Technology      175 Whitney Ave.
Yale University                      Phone (203) 432-6656

 
 
 

1. RPC port & X11 Ports

Hi,

I have noticed by running an nmap on myself, that i have 3 ports
open.  22 which is fine since i am running sshd, but also I have port
111 and 6000 open.  I know what these ports are for, but i would like
to have them closed, as I dont really need the services they are
providing.  So on redat 7 where do i find these ports being opened to
shut them down.  Ie: is there a specific daemon running for these?  I
looked for rpc in the ps -A list, but it wasnt there, so i am kind of
stuck.
any help would be great!

adam

2. Overclock 486DX/33MHz

3. Upgrading to 4.6.2...X11 config in /usr/X11R6/lib/X11 or /etc/X11?

4. !! mounting linux partitions from NT

5. open ports - why are they open?

6. Max number of Process and Threads

7. localhost portscan detects 2 randomly opened and closed ports - other hosts cannot see these open

8. Problems booting linux from OS/2 boot manager

9. Why does the jdk ports use open-motif-devel rather than open-motif?

10. Ignore all incoming udp/ip and udp/ip on all ports, except open ports?

11. ipchains/TCP/UDP, Why should I open UDP ports so that my TCP ports can work?

12. Serial port configuration in SVR4 - port open times out

13. What is the different between opening one port and a thouand ports on a firewall?