{"id":20915,"date":"2009-12-16T16:10:41","date_gmt":"2009-12-16T20:10:41","guid":{"rendered":"http:\/\/www.bu.edu\/tech\/?page_id=20915"},"modified":"2010-01-25T16:15:12","modified_gmt":"2010-01-25T20:15:12","slug":"old-xwin32","status":"publish","type":"page","link":"https:\/\/www.bu.edu\/tech\/services\/security\/server\/vulnerability-management\/xprobe\/old-xwin32\/","title":{"rendered":"Securing Old X-Win32 Clients"},"content":{"rendered":"<p>Prior to version 8, access control is not turned on in X-Win32. Any application wishing to connect to the X server can do so without interacting with the user. This represents a significant security concern. To prevent any users from connecting to your X server, you should enable access controls in X-Win32. To do this:<\/p>\n<ol>\n<li>Right-click on the blue X icon near the clock.<\/li>\n<li>Select XConfig from the menu by clicking on it<\/li>\n<li>Click on the Security tab<\/li>\n<li>Make sure that both &#8220;Access Control&#8221; and &#8220;Use XAuth&#8221;            are checked<img loading=\"lazy\" src=\"http:\/\/www.bu.edu\/security\/docs\/x_win32_security_tab.jpg\" alt=\"\" width=\"431\" height=\"381\" \/><\/li>\n<li>Click &#8220;Apply,&#8221; then &#8220;OK&#8221;<\/li>\n<\/ol>\n<p>After doing this, any future connection to the X server will present          you with a dialogue box similar to the following:<\/p>\n<p><img loading=\"lazy\" src=\"http:\/\/www.bu.edu\/security\/docs\/x_win32_security_connect.jpg\" alt=\"\" width=\"306\" height=\"401\" \/><\/p>\n<p>As a general rule,<strong> <span style=\"color: #ff0000;\">you should only accept              connections that you have initiated and expect<\/span><\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Prior to version 8, access control is not turned on in X-Win32. Any application wishing to connect to the X server can do so without interacting with the user. This represents a significant security concern. To prevent any users from connecting to your X server, you should enable access controls in X-Win32. To do this:&#8230;<\/p>\n","protected":false},"author":2620,"featured_media":0,"parent":6543,"menu_order":7,"comment_status":"closed","ping_status":"open","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/20915"}],"collection":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/users\/2620"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/comments?post=20915"}],"version-history":[{"count":3,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/20915\/revisions"}],"predecessor-version":[{"id":27204,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/20915\/revisions\/27204"}],"up":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/6543"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/media?parent=20915"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}