Page 260 of the second edition of Hacking Linux Exposed gives a simple trick to prevent X from listening on port 6000. If you run the X Window System using 'startx' from the command prompt, and have nothing but sshd listening, you'll find port 6000 listening once X starts:
netstat -natup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
Instead launch the X server using 'startx -- -nolisten tcp'. Here's the netstat output now:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
Better yet, add the following to your .bash_profile to automate this process:
alias startx='startx -- -nolisten tcp'
0 komentar:
Posting Komentar