> well, you may have not excluded localhost from the blocking rules. You > should try running `telnet localhost 6000' when you have an X server > running -- if it connects, the port is open, and you should look > elsewhere to fix the problem. The default is to allow connects to the high ports(everything over 1020) so 5999:6003, like I set up in my rules, shouldn't be necessary. i have since removed it. I did `telnet 0 6000' from localhost and got this: Trying 0.0.0.0... Connected to 0. Escape character is '^]'. Connection closed by foreign host. I am assuming this is an indication that the port is open and listening. `startx' still yeilds the same error. Any other ideas on why X might be broken? Side note: Anyone real savy with ipchains and want to start up a discussion on what's good/what's bad and what they'd consider a secured state for ipchains? Right now I am allowing http, ssh(I hope to get SSL working soon), ftp, and access on 6101 to one machine in our shop so Veritas can back me up(although I am unsure if the rules i set up for this are actually working correctly). I can ping out but no one can ping my machine but I don't have much more in the way of "security" on the box(excluding TCP wrappers and Portsentry). Anything else which might be beneficial as far as ipchains settings or other third party software? ____________________________ Mike Neuharth ADCS Technology Specialist http://www.umn.edu/adcs E-Mail : mjn at tc.umn.edu Page Mail : 6123065932 at messaging.sprintpcs.com http://nifty.dsl.visi.com/ ____________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org For additional commands, e-mail: tclug-list-help at mn-linux.org