Restricting Port 6000 access in Cygwin/X

Kevin Brown
Mon Dec 9 14:37:00 GMT 2013

My company recently sent an audit finding requesting for our Cygwin/X users with a finding of the following;
"The remote host is running an X11 server.  X11 is a client-server protocol that can be used to display graphical applications running on a given host on a remote client.   Since the X11 traffic is not ciphered, it is possible for an attacker to eavesdrop on the connection."
The suggested solution was;
"Restrict access to this port. If the X11 client/server facility is not used, disable TCP support in X11 entirely (-nolisten tcp)."
My problem is that I haven't found any information that would help me accomplish this task. I've only recently taken over support of our Cygwin users and am not well versed in the software. Can this be done without breaking the functionality of the the software? If so, can you please advise on the steps to take to accomplish this?
Current version being used is 1.7.11-1.

Kevin E. Brown

Soli Deo Gloria! 		 	   		  
Unsubscribe info:
Problem reports:

More information about the Cygwin-xfree mailing list