Re: [fw-wiz] Do you permit X11 via proxy firewall?

We *used* to allow X11 via Gauntlet's x-gw, when I was handed the
firewall as part of my new security position...

Then when Gauntlet started getting passed around from vendor to vendor,
and was ultimately replaced, we decided that X11 wasn't the best thing
to be allowing through. Oh, and the new firewall didn't use proxying, so
it was an easy "choice." We weren't about to open up a packet filter to
handle that beast.


On Wednesday, September 05, 2007 10:38 AM, ArkanoiD said:

And, if yes, how do you implement it?
Using legacy X11 proxies that perform uninspected (though authorized)
circuit relays, similar to TIS/NAI x-gw? Using something similar to
xorg's xfwp (which does not seem to be compatible with older X

Or is x11 firewall support just a useless tradition?
firewall-wizards mailing list