Re: gnome-login-check hangs?

From: Steve Cox <stevec canaries co uk>
To: Bret Mogilefsky <mogul gelatinous com>
Cc: gnome-list gnome org
Subject: Re: gnome-login-check hangs?
Date: Fri, 14 Jul 2000 22:32:00 +0000 (GMT)

On Mon, 10 Jul 2000, Bret Mogilefsky wrote:

> Hi... I've changed lots of permissions and shut down some services and hopefully
> gotten a much more secure system by running Bastille-linux.  However, when
> bastille-firewall is on, Gnome logins hang at gnome-login check.  Does
> gnome-login-check do something that might be conflicting with my
> packet-filtering?  I'm having a hard time debugging this as I don't get any
> logging anywhere as far as I can tell...
> 
> Thanks!
> Bret
> 
> _______________________________________________
> gnome-list mailing list
> gnome-list@gnome.org
> http://mail.gnome.org/mailman/listinfo/gnome-list
> 
Hi,

gnome uses TCP/UPD ports. A packet filter - if installed on a machine
running gnome - may block these. (Normally, packet filtering would be
put on a seperate, minimally installed PC which handles internet
connectivity only). I guess you have put a firewall on your workstation
so you will have to find out what ports are being used by gnome and
'ACCEPT' these connections on the local interface only - if it is just
a stand-alone workstation, this would be the 'lo' interface (lookback
127.0.0.1). If they are allowed on the external, internet interface then
there is a security risk from outside.

If you use netstat, you can find out what services are listening on what 
ports.

If your firwall is easy to configure, you may want to allow most
connections over the lo interface so you can happily run X/gnome
but make sure you stop and incoming commections claiming to be from the lo
or 127.0.0.1 address (IP spoofing)

steve

References:
- gnome-login-check hangs?
  - From: Bret Mogilefsky

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]