Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Do you permit X11 via proxy firewall?

From: "Skough Axel U/IT-S" <axel.skough () scb se>
Date: Wed, 5 Sep 2007 18:51:42 +0200
Why skould one desire the allowance of a computer from unsecure network to control the keyboard and screen on a 
computer on inside? Possibly for service purposes remotely, but such traffic should regulary be protected in a far 
better manner, for example using encrypted tunneling techniques and/or some type of purely private network, not 
controlled by the firewall but rather working as extensions to the local secured network!

I would strongly recommend total blocking of the X11 ports through a firewall regardless of the vendor! 

Regards / Axel 

-----Original Message-----
From: firewall-wizards-bounces () listserv icsalabs com
[mailto:firewall-wizards-bounces () listserv icsalabs com]On Behalf Of
ArkanoiD
Sent: den 5 september 2007 17:38
To: firewall-wizards () listserv cybertrust com
Subject: [fw-wiz] Do you permit X11 via proxy firewall?


And, if yes, how do you implement it?
Using legacy X11 proxies that perform uninspected (though authorized)
circuit relays, similar to TIS/NAI x-gw? Using something similar to 
xorg's xfwp (which does not seem to be compatible with older X servers)?

Or is x11 firewall support just a useless tradition?
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: