I run nmap localhost to my slackware 11.0.
one thing that intrigues me is port 6000. I use X (KDE) when I'm using my slackware but I don't use my slackware as an X server for other user.
my questions are:
why it's open?
Whilst in my co-workers' slackware 11.0 there's NO port 6000 open...
(yes, they're using X just for their own computer also).
How to close it?

Tnx

It's probably XDMCP, used for remote X connections. You can turn it off by putting

DisplayManager.requestPort: 0

in /etc/X11/xdm/xdm-config if you're using XDM as the login manager. If it's kdm, I think the file is

/opt/kde/share/config/kdm/kdmrc

and you should set

[Xdmcp]
Enable=false

But XDMCP should've been turned off by default, did you enable it manually?

Then restart X... ligar is right, it's used for remote x-windows sessions... I'd like to see this turned off by default personally.

No, just close it.

Rather than running "startx" to start the xserver run : to stop the X server listening on 6000. You may then alias startx to reflect this change if you wish.

search for the file startx in ur pc using slocate command or other serach utility like find.

i think startx should be in /usr/X11R6/bin

in that file where its written serverargs=""
change it to serverargs="-nolisten tcp"

Not meaning to split hairs here but I would tend to alias the "startx" script to "startx -- -nolisten tcp" for several reasons. 1) You are not altering a standard script which may be overwritten when updgrading/reinstalling something. 2) The original functionality if the script is preserved. 3) Different functionality may given to some users by having their own environment (i.e. some users have the alias, others don't. 4) It can become difficult to keep track of "customizations" to the original Slackware settings, keeping them (as aliases) in /etc/profile.d or ~/.bashrc keeps system wide/local settings in two easily maintainable places. This is much like a lot of the rc.d scripts source .conf files so the original script may be left intact. Others may disagree - there's more than one way to skin a cat !! Just a few ideas anyway..

Cheers.

I had the same problem and because of this reason
I have choosen the following solution:

/etc/X11/xinit/xserverrc
The file /etc/X11/xinit/xserverrc is not included in the slackware installation, so no problems when updateing xorg server.

1 members found this post helpful.

Yea, good point with the alias bgeddy. I'm the only user on my computer and I'll never need or want that port open so that's how I choose to handle it. An alias would be more "proper". Especially if this were at work, like I think the OP is suggesting. To the OP, I'm fairly certain that the global and local bashrc file won't get read on login shells and I don't know if you can define an alias in the global or local profile files. A ~/.bash_profile sourcing ~/.bashrc which in turn contains:

alias startx='startx -- -nolisten tcp'

aught to work. Someone correct me if I'm mistaken. Defining said alias in /etc/bashrc would defeat the purpose of keeping it user based....

@pdw_hu, Judging from your short and slightly unhelpful post, I'm assuming you mean to block traffic on that port via a firewall script?

iptables -A INPUT -p ALL -i $INTERFACE --dport 6000 -j DROP

Not too much point in doing that. 1.) Last I checked, Slackware doesn't come with a firewall script so you'd have to spend some time setting one up. 2.) Why even have the port listen at all if your not going to use it?

Oops - sorry about possibly misleading you with the ~/.bashrc. I have my ~/bash_profile set up to source the ~/.bash_rc if it exists and store all my aliases in the ~/.bashrc. (I was forgetting that my ~/.bash_profile was set to source the ~/.bashrc on my setup. So much to my extolling the virtues of standard Slackware setups !). However at least you spotted it !

So - in a nutshell : as you said..

and yes, anything in /etc defeats the object of being user based. Phew - I think we got there in the end...