Re: [TCLUG:19205] X Problem...

[mjn <mjn@tc.umn.edu>]

> well, you may have not excluded localhost from the blocking rules.  You
> should try running `telnet localhost 6000' when you have an X server
> running -- if it connects, the port is open, and you should look
> elsewhere to fix the problem.

The default is to allow connects to the high ports(everything over
1020) so 5999:6003, like I set up in my rules, shouldn't be necessary.  i
have since removed it.

I did `telnet 0 6000' from localhost and got this:

Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
Connection closed by foreign host.

I am assuming this is an indication that the port is open and
listening.  `startx' still yeilds the same error.

Any other ideas on why X might be broken?



Side note:  Anyone real savy with ipchains and want to start up a
discussion on what's good/what's bad and what they'd consider a secured
state for ipchains?

Right now I am allowing http, ssh(I hope to get SSL working soon), ftp,
and access on 6101 to one machine in our shop so Veritas can back me
up(although I am unsure if the rules i set up for this are actually
working correctly).  I can ping out but no one can ping my machine but I
don't have much more in the way of "security" on the box(excluding TCP
wrappers and Portsentry).  Anything else which might be beneficial as far
as ipchains settings or other third party software?


____________________________
Mike Neuharth
ADCS Technology Specialist
http://www.umn.edu/adcs

E-Mail		: mjn@tc.umn.edu
Page Mail	: 6123065932@messaging.sprintpcs.com
http://nifty.dsl.visi.com/
____________________________