I am aware of the point made about the Xserver being unsecure. However, I am running the ltsp on a box behind the dachstein router. Presumably noone would be able to get to that machine w/o first getting past the router. I'm not claiming that I'm completely secure, just that the server in my case only allows specific ip addresses through, not any kind of range, and not without first creating an IPSec tunnel.
David, the information in question concerning the x-server, are these standard ports or what would be a better way of doing this? Joey -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of David Douthitt Sent: Thursday, June 06, 2002 10:49 PM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] tftp and network.conf On Thu, Jun 06, 2002 at 10:03:21PM -0500, guitarlynn wrote: > On Thursday 06 June 2002 21:28, [EMAIL PROTECTED] wrote: > > > EXTERN_UDP_PORTS="ip.ad.dr.es/32_tftp" > > EXTERN_PROTO0="69 ip.ad.dr.es/32" > > > > I would presumably also need a line for the x-server, but I > > don't know of-hand what it is.. at any rate... does > > something like this work? > > the stated "tftp" probably won't work, unless the variable is > matched to a port number. So you will probably need to > find out what port tftp runs on and substitute it in the line. Port 69 is tftp; the service name is "tftp". > The same goes for allowing X-servers, vnc, and anything > else (that should probably been sent through a ssh or > zebedee encrypted tunnel in my view). vnc uses ports 5900+display# (for standard VNC), 5800+display# (for Java VNC client) and perhaps one other. ssh uses port 22. X is a special case, and requires special handling. You can't "just" forward it to another location. ssh has special handling to forward X connections and can do it well - and encrypted besides. X is a well-known security risk; no X server should probably be on (or available to) the Internet. _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
