LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   Xorg listening on TCP by default (http://www.linuxquestions.org/questions/slackware-14/xorg-listening-on-tcp-by-default-4175438957/)

xj25vm 11-27-2012 02:39 PM

Xorg listening on TCP by default
 
I've just run netstat on my Slack machine and I see:

Code:

#netstat -tupa
Active Internet connections (servers and established)
Proto Recv-Q Send-Q  Local Address  Foreign Address  State    PID/Program name 
...
tcp        0      0  *:x11            *:*            LISTEN      2298/X
...

Since everything else seems pretty nice and tight on a default Slack install, and since, googling around it seems the "-nolisten" argument can be used with X to stop it from listening for TCP connection - I'm a bit puzzled as to why the Slackware default install doesn't use "-nolisten".

Anybody knows?

Thanks

beder 11-27-2012 07:03 PM

it's not harmful http://security.fnal.gov/cookbook/Xnolisten.html

GazL 11-27-2012 08:17 PM

The slackware philosophy is to not make assumptions. Configuration choices such as these are generally left to the user/admin.

Rather than add "-nolisten tcp" I prefer to stick the port behind some iptables rules.

allend 11-28-2012 12:58 AM

Yes, netstat lists port 6000 as listening, but connections from remote computers are disabled by default in Slackware.
From /etc/X11/xdm/xdm-config
Code:

DisplayManager.requestPort: 0
/etc/kde/kdm/kdmrc
Code:

ServerArgsLocal=-nolisten tcp
If you want to lock it down, then see here. http://docs.slackware.com/howtos:sec...basic_security

If you want to enable remote connections, then see here. http://alien.slackbook.org/blog/runn...on-ms-windows/

xj25vm 11-28-2012 04:02 AM

Thanks for all the replies


All times are GMT -5. The time now is 06:31 PM.