My X server is listening on port 6000 and I simply can't find a good way to stop it from doing so!
I tried altering multiple config files (the startx script, Xservers script from the kdm configs) and still I have X listening!
(Of course there is still a firewall blocking reactions on that port)
Normaly a line like -nolistening tcp has to be added after defining the X server executable. This is a default setting but appearently not on my system.
What am I doing wrong?
Actually, the line "-nolisten tcp", try putting it in your /usr/X11R6/bin/startx, on the serverargs option.
I've tried that before. Personaly I think the startx script is ommited whenever you use a graphical login manager like xdm, kdm, gdm etc... .
Kdm keeps it's config files in "/opt/kde/share/config/kdm/". According to the kde documentation one should alter the lines of the Xservers file. But these should contain the line -nolisten tcp by default. In my case (a fresh kde 3.4 install) the file did'nt so a changed it to:
# $Xorg: Xserv.ws.cpp,v 1.3 2000/08/17 19:54:17 cpqbld Exp $ # # Xservers file, workstation prototype # # This file should contain an entry to start the server on the # local display; if you have more than one display (not screen), # you can add entries to the list (one per line). If you also # have some X terminals connected which do not support XDMCP, # you can add them here as well. Each X terminal line should # look like: # XTerminalName:0 foreign # :0 local@tty1 /usr/X11R6/bin/X -nolisten tcp ### Don't change these two lines; they are hints for genkdmconf. ### ### Version 1.99 ### :1 local reserve /usr/X11R6/bin/X -nolisten tcp :1 vt8 :2 local reserve /usr/X11R6/bin/X -nolisten tcp :2 vt9 :3 local reserve /usr/X11R6/bin/X -nolisten tcp :3 vt10
Still al of this makes no changes to the fact that X keeps listening on the 6000 port.
And since this can evolve into a security risk I want it to change. Quite odd behaviour really since it's should be ommited as default.
-nolisten string don't listen on protocol
from X --help
I don't understand what you want to do, but here's how I start any 'xinit' session:
startx[fce4] -- -nolisten tcp
or in your case,
:0 local@tty1 /usr/X11R6/bin/X vt7 -nolisten tcp
or to '/etc/X11/xdm/Xservers'
:0 local /usr/X11R6/bin/X -nolisten tcp
should do it.
The 'nolisten tcp' will effectively stop your X server from listening to remote clients. You can use `nmap localhost` to verify it's not listening on that port.