Bugtraq: quick and dirty x-protect

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

quick and dirty x-protect

From: hobbit () avian org (*Hobbit*)
Date: Wed, 4 Sep 1996 14:07:26 -0400


If you're on a system that you haven't custom-built the X server for but
supports stock BSD-style bind(), you can always run something like

        #!/bin/sh
        while true ; do
          nc -v -l -s `hostname` -p 6000 -n 2.2.2.2 2
        done

which will holler when someone tries to tickle your server.  Then make all
your own connections via localhost, the unix-domain socket, or a relay from
some other TCP port.

Note tricky positional use of "-n" for speed.  Replace "2.2.2.2 2" with
something randomish.  This still won't completely protect the server since
there's a small window where the listener isn't running, but at least you'll
*know* when someone screwed with it.

_H*

By Date By Thread

Current thread:

Re: Reachable addresses on the net (was SYN floods), (continued)
- Re: Reachable addresses on the net (was SYN floods) Oliver Xymoron (Sep 03)
- Re: Reachable addresses on the net (was SYN floods) Oliver Xymoron (Sep 03)
  - Re: Reachable addresses on the net (was SYN floods) Alan Cox (Sep 04)
  - quick and dirty x-protect *Hobbit* (Sep 04)
- Re: Reachable addresses on the net (was SYN floods) Charles M. Hannum (Sep 10)