Please check that your X Window system is secure.
X Windows is a networking and display protocol environment using a GUI
(graphical user interface). Common X Window servers include XFree86
and Xorg in UNIX style systems and Exceed, WinAXE, Cygwin’s Xwin on
Microsoft Windows systems.
In January 2007, it was discovered that there were keystroke logs on a
system at another University containing data from nine systems in
EECS. Eight of the systems were running various versions of the
Microsoft Windows operating system and one was running linux. We must
assume these keystroke logs contained all passwords used on these
hosts as well as all passwords used to connect to other hosts. It is
suspected that all 9 of the systems had insecure X Window Systems.
IRIS advises usng a layered approach to securing your X Window
System. Access to the X server should be controlled. Typically UNIX
style systems by default do control access to the X server, but a user
can overide the default. Typically Exceed on Windows by default allows
any remote host access to the X server; this is a bad thing.
In addition to controlling access to the X server by utilizing proper
configuration of the X Window system and using the related tools
properly, another layer of security can be added. A properly
configured host based firewall blocking unauthorized remote
access to the X server, typically 6000/tcp, is also recommended.
John Kim from the campus SNS (System and Network Security) group has
written a good knowledge base article concerning securing X Window
systems. The article contains details about configuring Exceed, the
Microsoft Windows firewall and the Symantec Client Security firewall at
https://security.berkeley.edu/node/373
It is also recommended that X traffic be encrypted for
example through an encrypted ssh tunnel.
If you need further help with securing your X Windows system please
contact your computer support person(s) or the EECS Helpdesk
(help@eecs, 395 Cory 9am-5pm, 313 Soda 10am-5pm, 642-7777).