Open X11 port

[doug-x07]

Hi I just did a fresh install of gentoo on a box and ran a check to see what ports were open. I was surprised to see X11 open on port 6000. I had already stuck the line serverargs="-nolisten tcp" in /usr/X11R6/bin/startx which I thought stopped X listening for remote connections on that port. I'm starting x through kdm, are there any other configuration files that have an effect opening this port that I have overlooked? If anyone has any ideas of where I can look please give me a suggestion.

Thanx
_________________
#! /usr/bin/perl
if( @first != $succeed ) {
post { $question->forum && eval '$answers' };
try { $again } catch { $problem && $resolve };
bless $posters; }

[doug-x07]

Just wanted to add that I have already been through this article:

https://forums.gentoo.org/viewtopic.php?t=19497&highlight=x11+port
and nothing there that resolves the problem. I did the portscan using both netsat and nmap, 6000 up in both cases.
_________________
#! /usr/bin/perl
if( @first != $succeed ) {
post { $question->forum && eval '$answers' };
try { $again } catch { $problem && $resolve };
bless $posters; }

[Rajesh]

Assuming that you use GDM as your X display manager, edit the file /etc/X11/gdm/gdm.conf and look for a line such as:

[doug-x07]

Thanks Rajesh that's gdm secured and audited!! Anyone know where the kdm config files are or does it just use xdm files? For xdm it looks like the server is started in /etc/X11/xdm/Xservers. I really want to make sure all calls to /usr/X11R6/bin/X are made with -nolisten tcp.
_________________
#! /usr/bin/perl
if( @first != $succeed ) {
post { $question->forum && eval '$answers' };
try { $again } catch { $problem && $resolve };
bless $posters; }

[Rajesh]

Here's what you can do to find the relevant config file:

[humpback]

You can always be on the paranoid side like i am and configure the firewall to drop all connections coming to port 7000.
_________________
Gustavo Felisberto
Humpback @ #gentoo-pt
------------
It's most certainly GNU/Linux, not Linux. Read more at
http://www.gnu.org/gnu/why-gnu-linux.html .
-------------

[doug-x07]

I sure am on the paranoid side like you when it comes to securing ports. I just wanted to shut them down immediately the time it takes me to come up with a decent firewall configuration. It's a shame that X does not install with the ports closed by default. I wonder how many unsuspecting users are running boxes with this gaping security hole waiting to be exploited?
_________________
#! /usr/bin/perl
if( @first != $succeed ) {
post { $question->forum && eval '$answers' };
try { $again } catch { $problem && $resolve };
bless $posters; }

[Ethernal]

well, it's not a hole in that sence. you still have to do the xhost command to make someone able to actually connect to your X
_________________
Hmm.. Of course, these are MY opinions - likely to be just as flawed as anyone else's. Um, really, I guess you should assume everyone's speaking out of some external influence. Believe in whatever makes sense to you.

[humpback]

nmap can tell you Uppps did i just told you to do a internet scan on port 6000 ?
That is indeed a issue, but i suspect that for each user running x on a unprotected machine there are 1000 users runing IIS and SQL server, and today those are the targets for script kiddies and warez d00dz.

Also you should probaly spend some time configuring a firewall.
_________________
Gustavo Felisberto
Humpback @ #gentoo-pt
------------
It's most certainly GNU/Linux, not Linux. Read more at
http://www.gnu.org/gnu/why-gnu-linux.html .
-------------

[doug-x07]

[ebichu]