> You could force the SSH client to *not* forward X11 with -x > (the low-caps x char) regardless other client/server-side > specifications. If you do not specify any other special > forwarding (-L or -R) then there will be no forwarding.
Good, that was what I was hoping for. (Obviously, my default /etc/ssh/ssh_config doesn't turn on the fwding by default.) Luckily, I am also not using any agent fwding as well. The box is remote, and I'll only have console access in a couple of days. Meanwhile, the only thing I have is looking at some offline backups and working remotely in the (compromised) environment. Right now I'm looking at the lsof output there, a curious entry from Apache shown by lsof: apache 3170 root mem DEL 0,5 0 /SYSV0000000 Does it ring the bell for anyone? (The box runs apache 1.3.26-0woody5). chkrootkit (inside the compromised environment, so it is no big surprise) doesn't report anything. V. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
