On Sun, 6 Jan 2008, John Summerfield wrote: > Robert P. J. Day wrote: > > 3) on the server side, what is the purpose of the *other* ports > > associated with each listening port? that is, after i start vncserver > > listening on port, say, 5917, i can see listening ports 5817 and 6017 > > suddenly active as well. what are they for? > > 6017 I think is X being X. > > Try this: > In your VNC session, open a terminal and run the command > xhost + > > and from another host or session > DISPLAY=vnchost:17 xterm > (making the proper substitution for vnchost). > > I believe one can use this to get anaconda to display on another system than > the install box by setting DISPLAY in the boot menu. that sort of sounds reasonable, i'll look into that further. i do note that you can prevent the vncserver from listening on the 60xx TCP port by invoking it with the "-nolisten tcp" option but i still haven't clarified in my mind what it is you'd be trying to prevent by doing that. i'll keep reading. rday p.s. in terms of securing VNC, i note that the general advice is to run vncserver with the options: -nohttpd to disqualify browser-based (Java?) viewers -localhost to enforce SSH tunneling -nolisten tcp (not sure about this yet) -- ======================================================================== Robert P. J. Day Linux Consulting, Training and Annoying Kernel Pedantry Waterloo, Ontario, CANADA Home page: http://crashcourse.ca Fedora Cookbook: http://crashcourse.ca/wiki/index.php/Fedora_Cookbook ========================================================================