[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] closing port 6000



I'm a bit stumped by this too.  I think the place to start is the files in
/opt/kde3/share/config/kdm.

Looking there I see another Xservers file.  Unfortunately changing this
doesn't seem to work either.  The README suggests changing the files in
/etc/X11/xdm and then running a program called
<kdebase-sources>/kdm/kfrontend/genkdmconf that I can't find.  Possibly a
source package needs installing.

Anyway it's definitely a kdm issue because I've tried running X on it's own
(with kdm stopped) using the -nolisten tcp parameter and it doesn't open a
tcp socket - which is what you want.

I've had problems with kdm config before.  Another suggestion (that I can't
try from here at the moment) is to look carefully through the YaST2
configuration for kdm for command line parameters to X.  That's probably the
"supported" route and bypasses all this wierdness where it's kinda ignoring
the Xservers file.

Tell us if you find the answer, I'd be interested!



Another way out of this, possibly...

You have presumably seen that a Linux box is "listening" for TCP connections
on port 6000 by using the command
netstat -tlnp or something like that right?

That just shows that the linux box will listen indiscriminately for
connections in the absence of a firewall.  If you have a firewall in place
on that box (or even better between that box and the internet, on a
dedicated router/gateway/firewall box) then the port will not be "open" to
the internet anyway.  All firewalls will block port 6000 as the standard
X-Windows protocol is notoriously insecure.

Regards,
Carl

----- Original Message ----- 
From: "david" <david@xxxxxxxxxxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Monday, January 19, 2004 4:11 PM
Subject: [suse-security] closing port 6000


> how do i close the port 6000 ?
> i had try editing the /etc/X11/xdm/Xservers, and
/opt/kde3/share/config/kdm/
> Xservers, and add the "-nolisten tcp" switch but nothing happens...
>
> is there another configuration file to close this port ?
>
> Thanks
>
>
> -- 
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here