Dear colleagues:
After going down to yet another CDE hack (first ttdbserverd, then
snmpXdmid, then dtspcd) I decided to firewall, quick and dirty. I bought
some of those Linksys router/NAT boxes like I use at home and they work
great. The only open ports are the ones you deliberately open. Some people
have admonished me that I.T. will be unhappy about this, but I don't think
I.T. has any way of telling.
However, I'd like to let remote X-sessions occur through the firewall. One
of my books says the first one takes port 6000 and additional sessions take
6001, 6002, etc. I opened 6000-6010 but can't connect, so I suspect some
other ports are farmed out. Nothing is mentioned in etc/services.
pid 1 launches a dtlogin which is the ppid for another dtlogin as well as
/usr/openwin/bin/Xsun. The second dtlogin spawns /usr/dt/bin/Xsession. A
man page on dtlogin points me to a bunch of configuration files in
/usr/dt/config but I've not found the port info I'm looking for.
Apparently, I can restrict X-access with these config files as well, but
the first question is how to find the ports I need to open.
Idears?
Bill
William C. Stevens, Ph.D. Nuclear Magnetic Resonance Facility
Director Southern Illinois University
Carbondale, IL 62901-4405
618-453-6498 voice
618-453-6408 fax wstevens_at_siu.edu
http://opie.nmr.siu.edu
Received on Wed Aug 07 2002 - 14:30:43 MST