NOW YOU KNOW...

This chapter has laid out the basics of the X Window System architecture and has given you an idea of some of the potential security risks you take when running X-based applications. The power to run graphical applications remotely comes at a price.

There are several X-related utilities available that can exploit some of these security risks. We mentioned xkey, which lets you monitor the keystrokes on an X server to which you have access (either legitimately or because the server lacks authorization and access control). Another program, xwatchwin, lets you view the actual contents of the X server's windows, again assuming you have access. You can use a program called xscan to search networks for X servers that would be vulnerable to these kinds of attacks. All of these utilities are available for download at http://www.packetstormsecurity.nl/.

Have we scared you away from running X yet? Don't be. You just need to remember three basic points when you're running an X server to keep it as secure as possible:

  • Avoid xhost access control if possible. It's the least secure option you have. Use xauth variations instead.

  • Run all your remote X applications back to your X server through an SSH tunnel.

  • Turn off XDMCP unless you're positive your network is private and trusted.



Anti-Hacker Tool Kit, Third Edition
ISBN: 0072262877
Year: 2006
Pages: 175