5133457 2000-05-26  05:12  /36 rader/ Postmaster
Mottagare: Bugtraq (import) <11013>
Ärende: Re: Nasty XFree Xserver DoS - Workaround
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: BUGTRAQ@SECURITYFOCUS.COM
X-OS: FreeBSD 4.0-STABLE
X-Sender: cy
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID:  <200005251817.e4PIHiV31961@cwsys.cwsent.com>
Date:         Thu, 25 May 2000 11:16:51 -0700
Reply-To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
X-To:         fs@infonet.com.br
X-cc:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  Your message of "Thu, 25 May 2000 14:56:58 -0300." 
             <00052514583801.00175@morpheu>

In message <00052514583801.00175@morpheu>, Fred Silva writes:
> We can run the X server with the option "-nolisten tcp" set. This option caus
> es
> the X server to not listen connections from any client. To use this option,
> simply add it to serverargs variable in the /usr/X11/bin/startx script.

... then use Xforward to listen on port 6001 to forward X traffic to
the UNIX domain socket the X server listens to.  Xforward will pop up
a window asking whether you wish to accept the connection or not,
allowing you to have your cake and eat it too.  Xroute can be coaxed
to do this as well.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC
(5133457) ------------------------------------------(Ombruten)