[fw-wiz] X server in a Firewall
- From: John M <idm.john@xxxxxxxxx>
- Date: Tue, 24 Jan 2006 14:24:04 -0800 (PST)
Taking in account that a graphical interface is a
requirement, from a risk standpoint, what is the
problem in running a X server (using local IPC, no
external port) in an unix based firewall box to manage
it (using a gtk interface, for exemple)?
Managing it trough a ssh port (or a web interface or
another port used by a proprietary console) wouldn't
increase the risk? since the ssh daemon (or web
server, etc) could be vulnerable and, even if is only
accepting connections from a specific IP, someone on
internal network could do ARP spoofing or something.
Besides this, the box managing the firewall could have
a key logger installed. (I know, in an ideal
world...).
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] X server in a Firewall
- From: Paul D. Robertson
- Re: [fw-wiz] X server in a Firewall
- Prev by Date: Re: [fw-wiz] Gmail replies
- Next by Date: Re: [fw-wiz] RE: In defense of non standard ports
- Previous by thread: [fw-wiz] Recommendations on modeler/change manger for PIX & FWSM
- Next by thread: Re: [fw-wiz] X server in a Firewall
- Index(es):
Relevant Pages
|
|
