[vox-tech] X11 forward - used for hacking?

Ken Herron kherron+lugod at fmailbox.com
Tue Jun 8 19:14:03 PDT 2004


--On Tuesday, June 08, 2004 05:46:19 PM -0700 Bill Kendrick 
<nbs at sonic.net> wrote:

> Also, she doesn't send mail locally, but does from the ISP's shell.
> *shrug*

The host being scanned was a shell server operated by your ISP, right? 
Maybe one of their other customers triggered the scan.


> "ForwardX11" was set locally on her laptop, and I saw "X11Forwarding
> yes" in the ISP's "/etc/sshd_config", so maybe that's how it happened.

The other setting of interest is "X11UseLocalhost" in the remote server's 
sshd config file. This controls whether your remote X11 listener is 
accessible over the network or just by clients on the same host as the 
sshd process.

-- 
Ken Herron


More information about the vox-tech mailing list