Firewall Wizards mailing list archives
Re: X server in a Firewall
From: Peter Bruderer <brudy () bruderer-research com>
Date: Wed, 25 Jan 2006 08:51:12 +0100
On Tue, 2006-01-24 at 19:57 -0800, John M wrote:
But what do you think about a _local_ GUI administration (via X window) in a firewall? My question was: what is better (or worse), taking in account the GUI requeriment: a local X window server running in the firewall, to be managed localy(that is, no remote access) or a web server, ssh based system or another port based in a proprietary protocol, to be managed remotely? Or rephrasing the question: which is riskier?
Software has bugs. Having X Windows running on a firewall opens a big risk of local exploits. What's not installed can not be hacked and does not need to be maintained. If you cannot manage the firewall without the local GUI, maybe you should get another product. There are enough good products, which do not need a local GUI to administrate the firewall and do not run on a simple not even hardened version of Linux or FreeBSD. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: X server in a Firewall, (continued)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall Brian Loe (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Chuck Swiger (Jan 24)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Peter Bruderer (Jan 25)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)