Re: Disabling X and KDM from listening on a port.

From: Luca Fornasari (luca.fornasari@easybit.it)
Date: 08/14/01


Date: Tue, 14 Aug 2001 20:46:01 +0200 (CEST)
From: Luca Fornasari <luca.fornasari@easybit.it>
To: Rob Bos <rbos@wizard.ca>
Subject: Re: Disabling X and KDM from listening on a port.
Message-ID: <Pine.LNX.3.96.1010814201834.23790B-100000@nsi.easybit.it>

On Tue, 14 Aug 2001, Rob Bos wrote:

> On Tue, Aug 14, 2001 at 07:01:55PM +0200, Luca Fornasari wrote:
> > On Tue, 14 Aug 2001, Rob Bos wrote:
> >
> > > default. I took a quick look at my X configuration; Debian has -nolisten tcp
> > > on by default, which is fortunate.
> >
> > Which version of Debian are you running?
>
> I'm using the XFree86 4.1.0-2 packages on sid right now; from
> /etc/X11/xinit/xserverrc, which handles all startups of the X server:
>
> #!/bin/sh
> exec /usr/bin/X11/X -dpi 100 -nolisten tcp -verbose

Thx for your reply ... excuseme the reply on the mailing list but i think
it can be usefull for all.
In Debian potato (2.2 all releases) this is not the default; you have to
add the -nolisten tcp flag in the file you have mentioned by hand (or
better you have to create the file). Please note that this stops X from
listening on port 6000 *only* if you use the startx command to start it.
With xinit the matter is different because you cant use -nolisten tcp and
all users on the system must have access to xinit.
The only way I found to prevent users from launching X that binds to port
6000 is to launch xdm (configured properly ... dont forget that also xdm
binds to port) at startup! The flag to use with xdm is -udpPort 0
Then xdm reads /etc/X11/xinit/xserverrc and launch X with the appropiate
arguments. Users cant use xinit to launch X because X is already running.
Any comment?

--
Luca Fornasari                  http://www.easybit.it
System Manager                  mailto:luca.fornasari@easybit.it
EasyBit                         tel:+39-011-6696692
C.so M. D'Azeglio 78            fax:+39-011-6697824
I-10126 Torino IT               gsm:+39-348-2649029



Relevant Pages

  • Re: some weird stuff found
    ... I need to print to a network printer but I'm not a print server. ... This will stop them from listening. ... I am running xdm but I only allowed connections from ... Is this in any way related to X11 being on port 6000? ...
    (FreeBSD-Security)
  • X not listening on 177 after upgrade to 7.3
    ... Xorg question, but trying to get help from that group is ... ... I see Xorg listening on port 6000, but I seem to recall that xdm was ... I expect that if I could get xdm to listen then I could figure out gdm, ...
    (freebsd-questions)
  • xdm and xdmcp
    ... Is-it possible to run xdm with remote access through XDMCP protocol on freebsd 8? ... The command "netstat -a" never indicates that a process is listening on that port. ... the listening is possible but I cannot start the X server even if the server alone ...
    (freebsd-questions)
  • RE: Disabling X and KDM from listening on a port.
    ... On Wed, 15 Aug 2001, Karasik, Vitaly wrote: ... > If you want to close xdm just ... It still doesn't keep X from listening to port 6000 on every interface. ...
    (Focus-Linux)
  • Re: Best Plan of action for 2 forest.......
    ... PortQry reports the status of a port in one of the following ways: ... ..LISTENING This response indicates that a process is listening on the target ...
    (microsoft.public.windows.server.active_directory)