|
|
|
|
|
|
 |
 |
|
|
|
||||||
|
|
5.9 What are the issues about X11 through a firewall?The X Windows System is a very useful system, but unfortunately has some major security flaws. Remote systems that can gain or spoof access to a workstation's X display can monitor keystrokes that a user enters, download copies of the contents of their windows, etc.While attempts have been made to overcome them (E.g., MIT ``Magic Cookie'') it is still entirely too easy for an attacker to interfere with a user's X display. Most firewalls block all X traffic. Some permit X traffic through application proxies such as the DEC CRL X proxy (FTP crl.dec.com). The firewall toolkit includes a proxy for X, called x-gw, which a user can invoke via the Telnet proxy, to create a virtual X server on the firewall. When requests are made for an X connection on the virtual X server, the user is presented with a pop-up asking them if it is OK to allow the connection. While this is a little unaesthetic, it's entirely in keeping with the rest of X.
|
|
Vesaria, LLC
443.501.4044 NEW JERSEY: 708 Lakeview Drive Lakewood, NJ 08701 MARYLAND: 722 Dulaney Valley Road, Suite 192 Towson, MD 21204
|
||||
|
© 2000 - 2012 Vesaria Network Security Specialists | |
|||||
|
|
|
|
|
|
|
|
| Call Us at 443.501.4044 |
