How to disable XFree86 and wdm listening ports
Jason Stone
freebsd-security at dfmm.org
Mon Oct 27 18:00:44 PST 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> For gdm, the process is similar the line to start the X server is in
> gdm.conf and would look like command=/usr/X11R6/bin/X -nolisten tcp.
If you think that you might someday invoke X with a different display
manager, you might consider replacing /usr/X11R6/bin/X with a shell script
that calls "X.real -nolisten tcp" - this would make all methods of
starting X not use the tcp port. On the other hand, you'll have to
remember to maintain it when you upgrade.
Also, it's probably a good idea to firewall of that port as well - defense
in depth and all that.
-Jason
--------------------------------------------------------------------------
Freud himself was a bit of a cold fish, and one cannot avoid the suspicion
that he was insufficiently fondled when he was an infant.
-- Ashley Montagu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg
iD8DBQE/nc3KswXMWWtptckRAmsQAKDxtRh8bGXweESE9NdUnEjdZ2DyQgCguft3
fN08dEO9gEEudzWWuQJYSkY=
=a1Up
-----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list