Re: [MLUG]

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: MLUG list <EMAIL:PROTECTED>
Subject: Re: [MLUG]
From: Tymm Twillman <EMAIL:PROTECTED>
Date: Wed, 5 Apr 2000 11:59:08 -0500
In-Reply-To: <EMAIL:PROTECTED>
Reply-To: EMAIL:PROTECTED
Sender: EMAIL:PROTECTED

Note with tcpwrappers you can use "spawn" to run a shell script to
log connects, email you, etc... (there are some other nice commands too) 
as long as you have the functionality compiled in (RH enables this in the
RPMs).

-Tymm

On Wed, 5 Apr 2000, Mike Miller wrote:

> On Wed, 5 Apr 2000, Buford, Rick wrote:
> 
> > Are there any security risks associated with using vncserver? I
> > remember that older versions of vnc had a security flaw that would
> > essentially let anyone log into the session...
> 
> What?!  I hope not because I've been using it for a year or so and I've
> read the list most of that time and I haven't heard of this problem.  
> Tell me more.
> 
> 
> > Other than locking the display before closing the session, is there
> > anything else I need to do to secure this? Is there a way to force the
> > server in /etc/rc.d/init.d/ to run as non-root? Since I havent been
> > using any GUI on any of my linux boxes, being able to run an X/Gnome
> > session is kind of a hoot =)
> 
> I compiled in tcp_wrappers support for Xvnc, so I restrict access that
> way.  Unfortunately, the Xvnc attempts are not logged by tcp_wrappers.  
> Now I am using iplog (thanks to someone on this list who told me about
> it).  iplog will log all attempts to connect to all ports (Xvnc is in the
> 5900-5999 range), thus that I can see what's happening with Xvnc.  I also
> have the hosts.deny file of tcp_wrappers configured to send me an e-mail
> message whenever a connection to Xvnc is rejected by tcp_wrappers.  So I
> feel pretty secure altogether.
> 
> Mike
> 
> -- 
> Michael B. Miller
> University of Missouri--Columbia
> http://taxa.psyc.missouri.edu/~mbmiller/
> 
> --
> To unsubscribe, send a new message with no subject and the words
> "unsubscribe members" in the body to EMAIL:PROTECTED
> 
> Archives are available at http://mlug.missouri.edu/list-archives/
> 

--
To unsubscribe, send a new message with no subject and the words
"unsubscribe members" in the body to EMAIL:PROTECTED

Archives are available at http://mlug.missouri.edu/list-archives/

Follow-Ups:
- Re: [MLUG]
  - From: Mike Miller <EMAIL:PROTECTED>

References:
- Re: [MLUG]
  - From: Mike Miller <EMAIL:PROTECTED>

Prev by Date: RE: [MLUG] IRIX vs. Windows E-mail Problem
Next by Date: RE: [MLUG] IRIX vs. Windows E-mail Problem
Previous by thread: Re: [MLUG]
Next by thread: Re: [MLUG]
Index(es):
- Date
- Thread