Firewall Wizards mailing list archives
X server in a Firewall
From: John M <idm.john () yahoo com>
Date: Tue, 24 Jan 2006 14:24:04 -0800 (PST)
Taking in account that a graphical interface is a requirement, from a risk standpoint, what is the problem in running a X server (using local IPC, no external port) in an unix based firewall box to manage it (using a gtk interface, for exemple)? Managing it trough a ssh port (or a web interface or another port used by a proprietary console) wouldn't increase the risk? since the ssh daemon (or web server, etc) could be vulnerable and, even if is only accepting connections from a specific IP, someone on internal network could do ARP spoofing or something. Besides this, the box managing the firewall could have a key logger installed. (I know, in an ideal world...). __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall Brian Loe (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Chuck Swiger (Jan 24)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Cat Okita (Jan 24)
- Re: X server in a Firewall John M (Jan 24)
- Re: X server in a Firewall Marcus J. Ranum (Jan 24)
- Re: X server in a Firewall Paul D. Robertson (Jan 24)