In message <9209282301 .
gov> you write:
|I'd be interested in hearing what kinds of solutions folks are using to run X
|firewalls. -- I'll post a summary of any responses I get.
| tmd @
While we are still not implementing a firewall (and I intend to block X
when we do so, just because its unlikely to be usefull to anyone) I think
that X11R5 could be considered quite safe with the Magic-Cookie mechanism,
besides that I think it should be blocked like any other remote-access
protocol (i.e., according to my approach, block it and allow only certain
machines from outside to login to (a) certain machine(s) inside temporarily
when one of the staff members visits abroad and needs access).
--Amos Shapira (Jumper Extraordinaire)
CS System Group, Hebrew University, Jerusalem, Israel