Re: [fw-wiz] Do you permit X11 via proxy firewall?
- From: "K K" <kkadow@xxxxxxxxx>
- Date: Wed, 5 Sep 2007 13:40:02 -0500
On 9/5/07, ArkanoiD <ark@xxxxxxxxx> wrote:
And, if yes, how do you implement it?. . .
Or is x11 firewall support just a useless tradition?
If you already permit SSH, then X11 can trivially be tunneled in SSH.
Well, technically, any protocol can run inside SSH (if you have the
latest OpenSSH), but X is particularly well-supported.
On 9/5/07, Skough Axel U/IT-S <axel.skough@xxxxxx> wrote:
Why should one desire the allowance of a computer from unsecure network to control the keyboard and screen on a computer on inside?
I would strongly recommend total blocking of the X11 ports through a firewall regardless of the vendor!
What about the issue of permitting *outbound* connections from
internal hosts to access X11 on the "outside" of the firewall,
including on your DMZ? Perhaps X has been superseded by VNC, RDP, and
Citrix, and is no longer a consideration for firewall policies?
Kevin
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] Do you permit X11 via proxy firewall?
- From: ArkanoiD
- [fw-wiz] Do you permit X11 via proxy firewall?
- Prev by Date: Re: [fw-wiz] Do you permit X11 via proxy firewall?
- Next by Date: Re: [fw-wiz] Do you permit X11 via proxy firewall?
- Previous by thread: Re: [fw-wiz] Do you permit X11 via proxy firewall?
- Next by thread: Re: [fw-wiz] Do you permit X11 via proxy firewall?
- Index(es):
Relevant Pages
|
