This is the mail archive of the
cygwin-xfree
mailing list for the Cygwin XFree86 project.
Restricting Port 6000 access in Cygwin/X
- From: Kevin Brown <cre8tivspirit at live dot com>
- To: "cygwin-xfree at cygwin dot com" <cygwin-xfree at cygwin dot com>
- Date: Mon, 9 Dec 2013 09:37:47 -0500
- Subject: Restricting Port 6000 access in Cygwin/X
- Authentication-results: sourceware.org; auth=none
- Reply-to: cygwin-xfree at cygwin dot com
My company recently sent an audit finding requesting for our Cygwin/X users with a finding of the following;
"The remote host is running an X11 server. X11 is a client-server protocol that can be used to display graphical applications running on a given host on a remote client. Since the X11 traffic is not ciphered, it is possible for an attacker to eavesdrop on the connection."
The suggested solution was;
"Restrict access to this port. If the X11 client/server facility is not used, disable TCP support in X11 entirely (-nolisten tcp)."
My problem is that I haven't found any information that would help me accomplish this task. I've only recently taken over support of our Cygwin users and am not well versed in the software. Can this be done without breaking the functionality of the the software? If so, can you please advise on the steps to take to accomplish this?
Current version being used is 1.7.11-1.
Thanks,
Kevin E. Brown
Soli Deo Gloria!
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://x.cygwin.com/docs/
FAQ: http://x.cygwin.com/docs/faq/