Firewalls: Re: X and firewalls

Firewalls
(September 1992)

Indexed By Thread: [Previous] [Next]

Subject:	Re: X and firewalls
From:	Amos Shapira <amoss @ cs . huji . ac . il>
Date:	Tue, 29 Sep 92 15:42:43 +0200
To:	tmd @ s1 . gov (Tina M. Darmohray)
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	Your message of Mon, 28 Sep 92 16:01:18 PDT . <9209282301 . AA12661 @ random . s1 . gov>

In message <9209282301 .
 AA12661 @
 random .
 s1 .
 gov> you write:
|
|I'd be interested in hearing what kinds of solutions folks are using to run X 
|through
|firewalls. -- I'll post a summary of any responses I get.
|
|	Tina
|	tmd @
 s1 .
 gov

While we are still not implementing a firewall (and I intend to block X
when we do so, just because its unlikely to be usefull to anyone) I think
that X11R5 could be considered quite safe with the Magic-Cookie mechanism,
besides that I think it should be blocked like any other remote-access
protocol (i.e., according to my approach, block it and allow only certain
machines from outside to login to (a) certain machine(s) inside temporarily
when one of the staff members visits abroad and needs access).

Cheers,

--Amos Shapira (Jumper Extraordinaire)

CS System Group, Hebrew University, Jerusalem, Israel
amoss @
 cs .
 huji .
 ac .
 il

Follow-Ups:

Re: X and firewalls
From: Daren W. Latham <dwl @ mentat . udev . cdc . com>

References:

X and firewalls
From: tmd @ s1 . gov (Tina M. Darmohray)

Indexed By Date	Previous:	SUMMARY: Why allow incoming telnet? From: Frederick M. Avolio <avolio @ dco . dec . com>
Indexed By Date	Next:	Re: SUMMARY: Why allow incoming telnet? From: Joe Peck <peck @ PA . DEC . COM>
Indexed By Thread	Previous:	Re: X and firewalls From: Gene Spafford <spaf @ cs . purdue . edu>
Indexed By Thread	Next:	Re: X and firewalls From: Daren W. Latham <dwl @ mentat . udev . cdc . com>