Mailinglist Archive: opensuse-security (64 mails)
| < Previous | Next > |
nessus output
- From: Eric Mosley <ericm@xxxxxx>
- Date: Thu, 29 Jul 1999 17:39:03 +0100 (IST)
- Message-id: <Pine.LNX.3.95.990729173827.8398A-100000@xxxxxxxxxxxx>
Hi,
I recently ran nessus and it gave me some information like this ...
On this machine, there is an X11-Server that grants access
without authentification. That means a hacker is able to sniff
every keystroke that is typed on the X11-Server (or get a copy of the
victims screen).
Solution: use MIT-Cookies, xauth.
How do I get rid of this and stil use X11. Is using MIT-Cookies, xauth a
real big change??
Also, can I comment out in inetd.conf telnet shell and login and still
start a new xterm?
Thanks for you thoughts,
Eric
I recently ran nessus and it gave me some information like this ...
On this machine, there is an X11-Server that grants access
without authentification. That means a hacker is able to sniff
every keystroke that is typed on the X11-Server (or get a copy of the
victims screen).
Solution: use MIT-Cookies, xauth.
How do I get rid of this and stil use X11. Is using MIT-Cookies, xauth a
real big change??
Also, can I comment out in inetd.conf telnet shell and login and still
start a new xterm?
Thanks for you thoughts,
Eric
| < Previous | Next > |