Date: Fri, 9 Jun 2000 11:22:24 -0400 From: Peter Radcliffe <pir@pir.net> To: freebsd-security@freebsd.org Subject: Re: Firewall Problem Message-ID: <20000609112223.A27490@pir.net> In-Reply-To: <Pine.BSF.4.21.0006091333430.12242-100000@Athena.za.net>; from jus@security.za.net on Fri, Jun 09, 2000 at 01:34:22PM %2B0200 References: <862568F9.003E54A8.00@MCSMTP.MC.VANDERBILT.EDU> <Pine.BSF.4.21.0006091333430.12242-100000@Athena.za.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Justin Stanford <jus@security.za.net> probably said: > You can kill the portmapper (port 111) in /etc/rc.conf by placing an > override in there (find the override in /etc/defaults/rc.conf). > > Port 6000 is your X server - its best to firewall out 6000. In this day and age I _strongly_ suggest starting X with '-nolisten tcp' and using the unix domain socket to talk to the X server. This even works cleanly with X forwarding over ssh. This will stop X clients on another machine displaying on your's (unless you use ssh forwarding) but I never do that anyway ... P. -- pir pir@pir.net pir@net.tufts.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000609112223.A27490>