Firewall Wizards mailing list archives
Re: Do you permit X11 via proxy firewall?
From: "Behm, Jeffrey L." <BehmJL () bv com>
Date: Wed, 5 Sep 2007 10:50:09 -0500
We *used* to allow X11 via Gauntlet's x-gw, when I was handed the firewall as part of my new security position... Then when Gauntlet started getting passed around from vendor to vendor, and was ultimately replaced, we decided that X11 wasn't the best thing to be allowing through. Oh, and the new firewall didn't use proxying, so it was an easy "choice." We weren't about to open up a packet filter to handle that beast. Jeff On Wednesday, September 05, 2007 10:38 AM, ArkanoiD said:
And, if yes, how do you implement it? Using legacy X11 proxies that perform uninspected (though authorized) circuit relays, similar to TIS/NAI x-gw? Using something similar to xorg's xfwp (which does not seem to be compatible with older X
servers)?
Or is x11 firewall support just a useless tradition?
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Do you permit X11 via proxy firewall? ArkanoiD (Sep 05)
- Re: Do you permit X11 via proxy firewall? Skough Axel U/IT-S (Sep 05)
- Re: Do you permit X11 via proxy firewall? Behm, Jeffrey L. (Sep 05)
- Re: Do you permit X11 via proxy firewall? K K (Sep 05)
- Re: Do you permit X11 via proxy firewall? Paul Melson (Sep 05)
- Re: Do you permit X11 via proxy firewall? ArkanoiD (Sep 05)
- Re: Do you permit X11 via proxy firewall? dlang (Sep 06)
- Re: Do you permit X11 via proxy firewall? ArkanoiD (Sep 08)
- Re: Do you permit X11 via proxy firewall? jason (Sep 08)
- Re: Do you permit X11 via proxy firewall? ArkanoiD (Sep 05)
- Re: Do you permit X11 via proxy firewall? Jim Seymour (Sep 06)
- <Possible follow-ups>
- Re: Do you permit X11 via proxy firewall? dlang (Sep 10)