Results 1 to 6 of 6

Thread: Security

  1. #1
    Junior Member
    Join Date
    Dec 2003
    Posts
    3

    Security

    Hi Gurus,

    I just installed Knoppix 3.3 on my HDD. It works incredibly well, but I have a problem with the security level. I do use Knoppix to connect on other unix servers (Sun, HP, ...) and develop on those machines. The trouble is that a telnet works ok but I can't run any graphical interface because of DISPLAY not reachable. However, I have defined and exported the DISPLAY as found in 'ifconfig'. I have also enabled external display through 'xhost +'. Finally, I've found in /etc/hosts.allow and /etc/hosts.deny that the config was set up as 'PARANOID'. I've renamed both files (according to the man page, lack of file opens the connection). As long as I do not run a server but a workstation, security is not a major constraint for me. I'm missing a config file somewhere to enable DISPLAY to pass through but where. While testing, I realized that even assigning the IP address to the user knoppix (rather than the hos name) causes the same problem.

    Could anyone help on this ?

    TIA,

    Pierre

  2. #2
    Senior Member registered user
    Join Date
    Nov 2003
    Posts
    361
    Umm, why would you want to use telnet in the first place ?
    ssh is safer and it is handy also in places where you don't need security.

  3. #3
    Junior Member
    Join Date
    Dec 2003
    Posts
    3
    Quote Originally Posted by windos_no_thanks
    Umm, why would you want to use telnet in the first place ?
    ssh is safer and it is handy also in places where you don't need security.
    Good question I didn't ask myself, but I assume it would make no difference in the current situation: graphical apps can't open the display and do abort. You could test it youself:

    1) 'ifconfig' to determine your IP address
    2) export DISPLAY=IP address:0.0 (192.168.1.10:0.0 for example)
    3) 'xclock' returns Error: Can't open display: ...

    Any idea?

    TIA,

    Pierre

  4. #4
    Senior Member registered user
    Join Date
    Feb 2003
    Location
    Nova Scotia, Canada
    Posts
    2,479
    Quote Originally Posted by pierrevn
    Quote Originally Posted by windos_no_thanks
    Umm, why would you want to use telnet in the first place ?
    ssh is safer and it is handy also in places where you don't need security.
    Good question I didn't ask myself, but I assume it would make no difference in the current situation: graphical apps can't open the display and do abort. You could test it youself:

    1) 'ifconfig' to determine your IP address
    2) export DISPLAY=IP address:0.0 (192.168.1.10:0.0 for example)
    3) 'xclock' returns Error: Can't open display: ...

    Any idea?

    TIA,

    Pierre
    You are looking for the setting nolisten tcp in the file /etc/kde3/kdm/Xservers if you are doing this in KDE.

    [edit]
    You would have to restart kdm for the changes to take effect with /etc/init.d/kdm restart as root this best done from a console login unless you want to lose any unsaved work when KDE re-starts.
    [/edit]

  5. #5
    Junior Member
    Join Date
    Dec 2003
    Posts
    3
    Thanks to you, Stephen: I removed this 'nolisten tcp' from the file and it works now as I expect. Great!

    Cheers,

    Pierre

  6. #6
    Senior Member registered user
    Join Date
    Nov 2003
    Posts
    361
    Quote Originally Posted by pierrevn
    Quote Originally Posted by windos_no_thanks
    Umm, why would you want to use telnet in the first place ?
    ssh is safer and it is handy also in places where you don't need security.
    Good question I didn't ask myself, but I assume it would make no difference in the current situation: graphical apps can't open the display and do abort. You could test it youself:

    1) 'ifconfig' to determine your IP address
    2) export DISPLAY=IP address:0.0 (192.168.1.10:0.0 for example)
    3) 'xclock' returns Error: Can't open display: ...

    Any idea?

    TIA,

    Pierre
    I see you already got it working but using ssh should have made a difference. Using the -X switch (by default on in knoppix so you usually don't need to specify it) ssh forwards the
    X connections through the encrypted pipe. The application on the remote machine thinks
    it is using a display on the same machine, your X-server also thinks the application is on the
    same machine as itself and everyone is happy.

Similar Threads

  1. Security
    By eadz in forum Hdd Install / Debian / Apt
    Replies: 11
    Last Post: 11-04-2010, 09:02 PM
  2. Hdd Security
    By NetKatz in forum Hdd Install / Debian / Apt
    Replies: 2
    Last Post: 05-02-2004, 02:38 PM
  3. security
    By RNK in forum Customising & Remastering
    Replies: 13
    Last Post: 04-29-2004, 12:37 PM
  4. Security and apt-get
    By Edix in forum Hdd Install / Debian / Apt
    Replies: 1
    Last Post: 11-10-2003, 08:20 PM
  5. security
    By kipizit in forum General Support
    Replies: 1
    Last Post: 11-07-2003, 03:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Dell PowerEdge R720 Server - 2x8c CPU,256Gb RAM, 128Gb SSD/3x600Gb SAS, Proxmox picture

Dell PowerEdge R720 Server - 2x8c CPU,256Gb RAM, 128Gb SSD/3x600Gb SAS, Proxmox

$360.00



Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB picture

Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM 12x4TB

$510.00



Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD picture

Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD

$389.99



Dell PowerEdge R730, 2 sinks, SystemBoard, 8 trays,H330,Idrac 8 exp, 2x750w Psu picture

Dell PowerEdge R730, 2 sinks, SystemBoard, 8 trays,H330,Idrac 8 exp, 2x750w Psu

$135.00



Dell Poweredge R730xd 2.5in 2x E5-2690 v3 2.6ghz 24-Cores  64gb  H730  2x 750w picture

Dell Poweredge R730xd 2.5in 2x E5-2690 v3 2.6ghz 24-Cores 64gb H730 2x 750w

$189.99



DELL POWEREDGE T430 SERVER W/ DUAL XEON E5-2609 CPU & 16GB MEMORY picture

DELL POWEREDGE T430 SERVER W/ DUAL XEON E5-2609 CPU & 16GB MEMORY

$329.00



Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM DDR3 NO HDs picture

Dell PowerEdge R720XD Xeon E5-2680 V2 2.8GHz 20 Cores 256GB RAM DDR3 NO HDs

$250.00



Dell PowerEdge R330 Xeon E3-1220 v5 3.0GHz  8gb  H330  2x 3.5

Dell PowerEdge R330 Xeon E3-1220 v5 3.0GHz 8gb H330 2x 3.5" Trays SVR 2012

$119.99



DELL PowerEdge R630 8SFF Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45 picture

DELL PowerEdge R630 8SFF Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45

$254.00



DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45 picture

DELL PowerEdge R730 Server 2x E5-2690v3 2.6GHz =24 Cores 32GB H730 4xRJ45

$274.00