Re: single linux box on dsl?

[Guy Fraser <guy@xxxxxxxxxxxx>]

Satish Balay wrote:

> On Thu, 13 May 2004, Adam Voigt wrote:
>  
>
> > On Thu, 2004-05-13 at 13:39, Guy Fraser wrote:
> >    
> >
> > > Yes FC1 does use TCP ports for X11.
> > >
> > > Display :0.0 = TCP port 6000
> > >      
> > So why does nmap'ing localhost and your actual IP reveal no X11 ports?
> >    
>
> One can also try:
> netstat -p |grep X11
>
> For me - it shows that X11 is using unix-sockets.
>
> Staish
I searched www.xfree86.org and found no solid evidence that their should not be a TCP port.

I see both TCP and Unix ports :

$ sudo netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN      906/X
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN      883/perl
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      678/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      3938/cupsd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      735/sendmail: accep
udp        0      0 0.0.0.0:10000           0.0.0.0:*                           883/perl
udp        0      0 0.0.0.0:67              0.0.0.0:*                           716/dhcpd
udp        0      0 0.0.0.0:69              0.0.0.0:*                           692/xinetd
udp        0      0 0.0.0.0:631             0.0.0.0:*                           3938/cupsd
udp        0      0 206.75.213.195:123      0.0.0.0:*                           707/ntpd
udp        0      0 127.0.0.1:123           0.0.0.0:*                           707/ntpd
udp        0      0 0.0.0.0:123             0.0.0.0:*                           707/ntpd
raw        0      0 0.0.0.0:1               0.0.0.0:*               7           716/dhcpd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING     1818262 16886/esd           /tmp/.esd/socket
unix  2      [ ACC ]     STREAM     LISTENING     1387   864/dbus-daemon-1   /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     4244   1351/gconfd-2       /tmp/orbit-guy/linc-547-0-29ebc7235b75b
unix  2      [ ACC ]     STREAM     LISTENING     10303  1404/artsd          /tmp/mcop-guy/sigurd_incentre_net-057c-409f91dc
unix  2      [ ACC ]     STREAM     LISTENING     1255334 13399/bonobo-activa /tmp/orbit-guy/linc-3457-0-70cc5952eb5e8
unix  2      [ ACC ]     STREAM     LISTENING     1255353 13401/at-spi-regist /tmp/orbit-guy/linc-3459-0-3dbbf716d027
unix  2      [ ACC ]     STREAM     LISTENING     1817952 16860/mozilla-bin   /tmp/orbit-guy/linc-41dc-0-3837d0947179a
unix  2      [ ACC ]     STREAM     LISTENING     1793110 16707/ggv-postscrip /tmp/orbit-guy/linc-4143-0-1dbd4283c2d37
unix  2      [ ACC ]     STREAM     LISTENING     1981   1023/kdeinit: Runni /tmp/ksocket-guyhDIdNl/kdeinit__0
unix  2      [ ACC ]     STREAM     LISTENING     1983   1023/kdeinit: Runni /tmp/ksocket-guyhDIdNl/kdeinit-:0
unix  2      [ ACC ]     STREAM     LISTENING     2012   1028/kdeinit: klaun /tmp/ksocket-guyhDIdNl/klauncherNly9ha.slave-socket
unix  2      [ ACC ]     STREAM     LISTENING     1369   846/xfs             /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     1468   906/X               /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     1950   990/ssh-agent       /tmp/ssh-mPotG931/agent.931
unix  2      [ ACC ]     STREAM     LISTENING     1991   1026/kdeinit: dcops /tmp/.ICE-unix/dcop1026-1084198294
unix  2      [ ACC ]     STREAM     LISTENING     2144   1057/kdeinit: ksmse /tmp/.ICE-unix/1057


I decided to look at www.x.org and they indicate that X can accept commands from TCP and IPC but do not indicate in the security information how to disable TCP.