On Thu, 29 Jul 1999 17:39:03 +0100 (IST) Eric Mosley <ericm@iol.ie> writes:
Hi,
I recently ran nessus and it gave me some information like this ...
On this machine, there is an X11-Server that grants access without authentication. That means a hacker is able to sniff every keystroke that is typed on the X11-Server (or get a copy of the victim's screen). Solution: use MIT-Cookies, xauth.
How do I get rid of this and still use X11? Is using MIT-Cookies, xauth a real big change?
Also, can I comment out in inetd.conf telnet shell and login and still start a new xterm?
Thanks for your thoughts,
Eric
If you don't need or want to export your X server to any other machines, I think you can configure xhost to not accept any connections at port 6000 from anywhere other than the localhost. I did that with my SuSE 6.1 box, and I no longer get an open port 6000 in any scans I do (nessus, nmap, etc.). Look at man xhost.

I'm not positive, but with this setup, a box will not be compromised *because* of X, but could be manipulated to set up X to export. 'Course, at that point, the box is already compromised anyway...

dan
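The two mechanisms discussed in this thread, host-based xhost access control versus MIT-MAGIC-COOKIE-1 via xauth, can be audited from the text the tools print. The script below is an added example and is not code from either poster; it classifies the output of `xhost`, checks `xauth list` for a cookie on a given display, and shows how to start a server with cookie authentication and without a listening TCP port. The sample outputs inside it are constructed to match the format `xhost` and `xauth list` produce; on a real host you would pass in `"$(xhost)"` and `"$(xauth list)"` instead. The helper names (`x11_classify_xhost`, `x11_has_cookie`, `x11_start_with_cookie_auth`) are my own.

```shell
#!/bin/sh
# Added example, not from the original thread: audit X11 access control from what
# `xhost` and `xauth list` print, then show the MIT-MAGIC-COOKIE-1 fix.
# Everything marked "constructed" below is sample data, not captured from a real box.

# Classify the output of `xhost`. Prints one word:
#   open        access control disabled: anyone who can reach TCP/6000 can log keys or grab the screen
#   hostlist    access control on, but INET hosts are whitelisted by name/address (no secret, spoofable)
#   restricted  access control on, no network host entries: clients need a cookie or a local connection
x11_classify_xhost() {
    if printf '%s\n' "$1" | grep -qi 'access control disabled'; then
        echo open
    elif printf '%s\n' "$1" | grep -Eq '^INET6?:'; then
        echo hostlist
    else
        echo restricted
    fi
}

# Check `xauth list` output for a MIT-MAGIC-COOKIE-1 entry for a display.
# $1 = display number (e.g. 0), $2 = text of `xauth list`. Exit 0 if a full
# 128-bit cookie (32 hex digits) is present for "host:N" or "host/unix:N".
x11_has_cookie() {
    printf '%s\n' "$2" | awk -v d="$1" '
        $1 ~ "(/unix)?:" d "$" && $2 == "MIT-MAGIC-COOKIE-1" && length($3) == 32 { found = 1 }
        END { exit found ? 0 : 1 }'
}

# The fix the nessus report asks for: put a random cookie in ~/.Xauthority, then start
# the server told to require it and not to listen on TCP/6000 at all. Needs a real X
# installation (`xauth`, `startx`) plus `mcookie` from util-linux; not run by the self-check.
# Assumption: the server honours -auth and -nolisten tcp (true for XFree86 3.3.x onward and Xorg).
x11_start_with_cookie_auth() {
    xauth add :0 MIT-MAGIC-COOKIE-1 "$(mcookie)"          # 128-bit random cookie into ~/.Xauthority
    exec startx -- -auth "$HOME/.Xauthority" -nolisten tcp # server args follow the "--"
}

# Constructed samples in the format `xhost` and `xauth list` print.
SAMPLE_XHOST_OPEN='access control disabled, clients can connect from any host'
SAMPLE_XHOST_HOSTLIST='access control enabled, only authorized clients can connect
INET:desktop.example.com
LOCAL:'
SAMPLE_XHOST_RESTRICTED='access control enabled, only authorized clients can connect
SI:localuser:eric'
SAMPLE_XAUTH='suse61/unix:0  MIT-MAGIC-COOKIE-1  3f8c5a1e9b2d4c6f7a8e0d1b2c3a4f5e
suse61:0  MIT-MAGIC-COOKIE-1  3f8c5a1e9b2d4c6f7a8e0d1b2c3a4f5e'

# Self-check on the constructed samples (swap in "$(xhost)" / "$(xauth list)" on a live host).
echo "xhost open sample:       $(x11_classify_xhost "$SAMPLE_XHOST_OPEN")"
echo "xhost hostlist sample:   $(x11_classify_xhost "$SAMPLE_XHOST_HOSTLIST")"
echo "xhost restricted sample: $(x11_classify_xhost "$SAMPLE_XHOST_RESTRICTED")"
if x11_has_cookie 0 "$SAMPLE_XAUTH"; then echo "display :0 has a cookie"; else echo "display :0 has NO cookie"; fi
```

Two caveats worth keeping in mind when reading the results. `xhost +hostname` only checks the source address, so it stops random scanners but not anyone who can spoof or sit on an allowed host; the cookie is a shared secret and is the answer the nessus report points at. The cookie itself is sent in cleartext on every new connection, so for remote clients the usual practice is to tunnel X over ssh (`ssh -X`) rather than open TCP/6000 at all, which is what `-nolisten tcp` enforces on the server side.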