On Jun 18,  7:48am, Amit Gupta wrote:
> Subject: Re: Network thingies not working
> On Mon, 17 Jun 1996, Rik Griffin wrote:
>
> > > You could try
> > >
> > >    xterm -display cheesey.demon.co.uk:0
> > >
> > > Please note the ":0" at the end. And make sure that cheesey.demon.co.uk
> > > can be resolved correctly into an IP address.
> >
> > It can, and I have tried -display 158.152.37.242:0.0 as well. Netstat
> > indicates that a connection is being made, but nothing happens from
> > there onward. Just like the telnet problem really, it's really odd.
>
> Maybe the display connection is being refused ? If so, you could try
> typing
>
> xhost +
>
> when logged into RiscBSD, then doing a telnet/rlogin to the remote
> machine and trying the xterm again.

Note you should not use this as standard practice when connected to the
internet. Doing so is roughly equivalent to having no password on any of the
accounts you access between typing xhost + and when you kill your X server. The
reason for this is that xhost + switches off authentication allowing anyone to
start an arbitrary X client on your screen. Such a client could be invisible
but record all keypresses (including ones which aren't echoed - ie passwords)
and could also insert things into your keyboard buffer. Note that
authentication only takes place when the client starts so typing xhost - at a
later time does not make things secure. There are scanners used by crackers
which are known to detect this particular hole and I personally know of at
least two cases where it has been used to crack a machine (one was a demon
account). With this caveat xhost + is useful for debugging.

Cheers

Rob Black

--