How to close X11 port 6000 on RH8.0 ready to quit [Archive]

Click to See Complete Forum and Search --> : How to close X11 port 6000 on RH8.0 ready to quit

edloco

11-29-2002, 06:41 PM

Hey all I know RTFM,and do searches well ive been doing that and either something is wrong with my RH8.0 cds or I need to use another distro......maybe LM9.0 ....Well heres what ive tried so far edited startx script put "nolisten tcp" on serverargs= line............also edited :0 local/usr/X11R6/bin/X to :0 local /usr/X11R6/bin/X -nolisten tcp also did an xhost - for security .........ok i give up man dont know what else to do on linux mandrake all i have to do is edit the xservers file to include -nolisten tcp and reboot an presto port 6000 is closed but on RedHat 8.0 that dont work for some strange reason ......my firewall has that port blocked but i want to know how to close it just to know its like a mission now so if anybody has any help for me or is having the same problem let me know please thanksssss to all ........

Thanatos

11-30-2002, 09:06 PM

generic answer, I know, but it might help: most rules for security are sequential, i.e.

close 6000
open 6000

would yield open 6000, since it is 'last in line'....if you have something somewhere that is opening the port later on, in that or another config, that could be the source of your problem. You DID save your configs after editing, right??

edloco

12-01-2002, 11:22 PM

I dont understand your reply ? What file are you talking about ? I saved my edited files made bakup files .........Still cant solve this Port 6000 problem...... help anyone......... thanksssss

pcghost

12-03-2002, 12:37 PM

In your iptables file (/etc/sysconfig/iptables), you are using iptables right, put the following line in

-A INPUT -i ETH0 --p tcp --syn --destination-port 6000 -j DROP

That should lock down the port. Don't forget to restart iptables and your interfaces before the rule will take effect. Good luck and if you hit a snag, post your iptables..

hiker_42

12-11-2002, 01:08 AM

If you'll edit /etc/X11/gdm/gdm.conf and edit the following line:

Towards the bottom of the file is a section:

[server-Standard]
name=Standard server
command=/usr/X11R6/bin/X
flexible=true

add -nolisten tcp to the end of the 3rd line so it reads:

command=/usr/X11R6/bin/X -nolisten tcp

This will stop X11 from listening on port 6000!