> -----Original Message----- > From: Shing-Fat Fred Ma [mailto:[EMAIL PROTECTED]] > > Would it be correct to assume that connections > > to localhost:x (on a solaris box) does not need > > ssh encryption? I'm assuming it doesn't travel > > over the LAN and can't be spied on. >
For general TCP/IP networking you are right. To complete it all: Hostname "localhost" and ipaddress "127.0.0.1" travel inside the network driver and generally don't touch any hardware. If there is no network device at all, this address works. If you address the real hostname (which you get with the `hostname` command) or the real IP address for the interface, it depends on some optimalization but in general you can say that this traffic touches the network device but it does not touch the network. If there is no network device, this address might not work. There is no need to have a real network connected. However, on bad configured or ancient bad design hardware, it is possible this trafic is send to the network! Since localhost (127.0.0.1) is designed to be local, there is not much security. It is even used in some setups to pass the security on the real network. On the other hand, real tight networks are even restricted in the usage of this localhost... However, this is dedicated security. For X11 addressing ($DISPLAY settings): $DISPLAY=:0.0 == localhost:0.0 == 127.0.0.1:0.0 $DISPLAY=hostname:0.0 == REAL_IP_ADDRESS:0.0 CBee --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
