LinuxQuestions.org - Xorg listening on TCP by default

- Slackware (https://www.linuxquestions.org/questions/slackware-14/)

- - Xorg listening on TCP by default (https://www.linuxquestions.org/questions/slackware-14/xorg-listening-on-tcp-by-default-4175438957/)

xj25vm

11-27-2012 01:39 PM

Xorg listening on TCP by default

I've just run netstat on my Slack machine and I see:

Code:

#netstat -tupa

Active Internet connections (servers and established)

Proto Recv-Q Send-Q  Local Address  Foreign Address  State    PID/Program name  

...

tcp        0      0  *:x11            *:*            LISTEN      2298/X

...

Since everything else seems pretty nice and tight on a default Slack install, and since, googling around it seems the "-nolisten" argument can be used with X to stop it from listening for TCP connection - I'm a bit puzzled as to why the Slackware default install doesn't use "-nolisten".

Anybody knows?

Thanks

beder

11-27-2012 06:03 PM

it's not harmful http://security.fnal.gov/cookbook/Xnolisten.html

GazL	11-27-2012 07:17 PM

The slackware philosophy is to not make assumptions. Configuration choices such as these are generally left to the user/admin.

Rather than add "-nolisten tcp" I prefer to stick the port behind some iptables rules.

allend

11-27-2012 11:58 PM

Yes, netstat lists port 6000 as listening, but connections from remote computers are disabled by default in Slackware.
From /etc/X11/xdm/xdm-config

Code:

DisplayManager.requestPort: 0

/etc/kde/kdm/kdmrc

Code:

ServerArgsLocal=-nolisten tcp

If you want to lock it down, then see here. http://docs.slackware.com/howtos:sec...basic_security

If you want to enable remote connections, then see here. http://alien.slackbook.org/blog/runn...on-ms-windows/

xj25vm

11-28-2012 03:02 AM

Thanks for all the replies

All times are GMT -5. The time now is 03:02 AM.