[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: port scans and X redirection



ok i will try that.  i have tried running ssh through ssh and its just way
too slow.

tim carmean
----- Original Message -----
From: "David O. Torrey, Jr." <tj@xxxxxxx>
To: <lug-l@xxxxxxx>
Sent: Tuesday, February 26, 2002 1:09 PM
Subject: Re: port scans and X redirection


> For one application, it might be easier to just use ssh with X-redirection
> turned on.  The $DISPLAY setting is taken care of for you, and everything
> should be happy.
>
> As for forwarding ports, you'll want to forward port 6001 to the inside
> machine's port 6000 (not 6001):
>
> $IPTABLES -A PREROUTING -t nat -p udp -d $EXTIP --dport 6001 -j DNAT --to
192.168.0.70:6001
>
> should be:
>
> $IPTABLES -A PREROUTING -t nat -p udp -d $EXTIP --dport 6001 -j DNAT --to
192.168.0.70:6000
>
> X is a TCP-based protocol, if that helps.
>
> Thanks,
> Dave
>
> +------------------------------------------------------------------------+
> | David Torrey                     Senior Systems Programmer             |
> | tj@xxxxxxx                       Center for Experimental Computation   |
> | (906) 487-2165 voice             Michigan Technological University     |
> | (906) 487-2283 fax                  Houghton, MI 49931                 |
> | http://www.cec.mtu.edu/~tj/                                            |
> +------------------------------------------------------------------------+
>
> On Tue, 26 Feb 2002, Tim Carmean wrote:
>
> > all i want to do is X -query snapster11.snap.mtu.edu which is the civil
> > server so i can run ideas from my dorm room.  i can do it fine from my
> > router but the problem is my router only has a 17" screen.  the machine
im
> > trying to X -query from is my HP Workstation running debian and kernel
> > 2.4.16.  this machine has a 21" monitor (fixed frequency sync on green
which
> > is why i dont use it on my main machine).  what i tried was setting
> > DISPLAY=192.168.0.70:1 (ip and port i want to use), and to my firewall
> > ruleset:
> >
> > $IPTABLES -A PREROUTING -t nat -p udp -d $EXTIP --dport 6001 -j
DNAT --to
> > 192.168.0.70:6001
> >
> > its probably something as simple as being tcp or something but i still
get
> > the error "session failed for display 192.168.0.70:1: cannot open
display"
> >
> > all i want to do is be able to do X -query snapster11.snap.mtu.edu so i
can
> > run ideas from the dorm.
> >
> > /me wonders if anyone can provide some more insight to his problem
> >
> > tim carmean