SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Slack 8.1, Gentoo 1.3a, Red Hat 7.3, Red Hat 7.2, Manrake 8.2
Posts: 328
Original Poster
Rep:
I just want to stop all access remotely but am running a webserver aswell so I dont want to use Iptables and ssh is going to be disabled aswell so i want to somehow stop X11 listening for network connections..
You are running a web server and dont want to use iptables?
Iptables can be configured to allow whatever ports you like, so you can allow 80 and stop the others that you dont want. You are really leaving yourself open otherwise. (correct me if I am wrong someone)
tobyl
Distribution: Slack 8.1, Gentoo 1.3a, Red Hat 7.3, Red Hat 7.2, Manrake 8.2
Posts: 328
Original Poster
Rep:
Quote:
Originally posted by tobyl You are running a web server and dont want to use iptables?
Iptables can be configured to allow whatever ports you like, so you can allow 80 and stop the others that you dont want. You are really leaving yourself open otherwise. (correct me if I am wrong someone)
tobyl
Just to explain
I dont want to run iptables on the server that hosts thewebserver because I am doing this for an MSc disertation and belive that it would be more secure to turn off services that arent needed and then place a Proxy and/or hardware firewall in front of the server thus creating a simple DMZ and allowing only access to Port 80 when the Proxy (which will run in combined mode) doesent have a doc required while also allowing https access to purchase goods.
Basically trying to lower the load on the main machine while ensuring security is at max, which is why I want to disable the remote access to any service not needed even when firewalls and IDS's are in use.
Ah, well then you are probably over my head, but I do know that to stop X listening (6000), the argument is startx -nolisten TCP.
If you start X from kdm,gdm or xdm then you need to add -nolisten TCP to the relevant file that calls X.
Could you tell us how you boot into X?
do you use kde, gnome, or maybe you boot into X fron the command line, ie is your default runlevel 3 or 4? (/etc/inittab)
it depends how you start your X server as to which file matters.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.