Hello, what is the right way to disable XFree86 and wdm listening ports tcp 6000 and tcp 1024. I read in man XFree86 about the -nolisten tcp option and tried to set in /usr/X11R6/lib/X11/xdm :0 local /usr/X11R6/bin/X -nolisten tcp but it was not successful. What is the right way to close the ports without use of IPFW? Your help would be appreciated. Thank?s Wolfgang
http://www.onlamp.com/pub/a/bsd/2002/08/08/FreeBSD_Basics.html To quote: "There are several ways to close this port; I've found the easiest is to become the superuser and edit /usr/X11R6/bin/startx. Find the serverargs line and change it so that it looks like this: serverargs="-nolisten tcp" Once you've saved your changes, start X as a regular user and rerun sockstat -4. If you didn't have any typos, X will start as usual, but port 6000 will be missing in your sockstat -4 output." I never run wdm so don't know there. --- Wolfgang Kess <bsdlist@kess.ch> wrote:> Hello, > > what is the right way to disable XFree86 and wdm listening > ports tcp 6000 and tcp 1024. > > I read in man XFree86 about the -nolisten tcp option > and tried to set in /usr/X11R6/lib/X11/xdm > > :0 local /usr/X11R6/bin/X -nolisten tcp > > but it was not successful. > > > What is the right way to close the ports without use of IPFW? > > Your help would be appreciated. > > ThankĀ“s > Wolfgang > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to"freebsd-security-unsubscribe@freebsd.org" ====----------------------------------------------------------- Get a taste of Religion ... eat a priest! ----------------------------------------------------------- __________________________________ Do you Yahoo!? Exclusive Video Premiere - Britney Spears http://launch.yahoo.com/promos/britneyspears/
wdm is a replacement for xdm and has it's own configuration directory, similar in nature to xdm but called wdm. There are different ways to achieve your desired result, you should find an appropriate place in /usr/X11R6/lib/X11/wdm/wdm-config to add the -nolisten tcp option to the server line similar to the xdm option you tried already. For gdm, the process is similar the line to start the X server is in gdm.conf and would look like command=/usr/X11R6/bin/X -nolisten tcp. There are other places this can be done, but these options might be easiest for you. You might also want to make sure you have XDMCP turned off also otherwise you'll be listening on udp 177 too. Around 10:15pm Wolfgang Kess said: WK :Hello, WK : WK :what is the right way to disable XFree86 and wdm listening WK :ports tcp 6000 and tcp 1024. WK : WK :I read in man XFree86 about the -nolisten tcp option WK :and tried to set in /usr/X11R6/lib/X11/xdm WK : WK ::0 local /usr/X11R6/bin/X -nolisten tcp WK : WK :but it was not successful. WK : WK : WK :What is the right way to close the ports without use of IPFW? WK : WK :Your help would be appreciated. WK : WK :Thank?s WK :Wolfgang WK : WK :_______________________________________________ WK :freebsd-security@freebsd.org mailing list WK :http://lists.freebsd.org/mailman/listinfo/freebsd-security WK :To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" WK : ------------------------------------------------------------- Nigel Houghton Security Research Engineer Sourcefire Inc. Vulnerability Research Team "Mankind hasn't even got the technology to create a toupee that doesn't get big laughs." -- Lister