Re: [fw-wiz] trusted & untrusted ports

From: Mikael Olsson (mikael.olsson_at_clavister.com)
Date: 11/10/03

  • Next message: Monkey Boy: "Re: [fw-wiz] trusted & untrusted ports"
    To: Hilal Hussein <hilalma@hotmail.com>
    Date: Mon, 10 Nov 2003 14:34:31 +0100
    
    

    Hilal Hussein wrote:
    >
    > Q1 - How to identifiy trust vs untrusted ports. [...]

    Recommended reading:

    http://www.interhack.net/pubs/fwfaq/#SECTION00094000000000000000
    - C.4 How do I determine what service the port is for?
    - C.5 What ports are safe to pass through a firewall?

    > Q2 - Reading some technical documents about accessing applications over the
    > net, I noticed that sometimes the connection is not a client/server
    > technique, it could be through the http port, in other words, no need to
    > open specific port in order to be able to access the net application from
    > within our network coorporate since it is using the http port.

    ... but does that mean that it is _safe_?
    (Hint: the answer lies in C.5, above)

    -- 
    Mikael Olsson, Clavister AB
    Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
    Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
    Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Monkey Boy: "Re: [fw-wiz] trusted & untrusted ports"

    Relevant Pages

    • Re: keeping ports open
      ... If a port is open, it means that 1) a software or service is running on your ... and 2) you're not using a firewall or your firewall isn't ... Use firewall software and hardware and antivirus software that is ... Follow the instructions for hardening Windows and IIS at ...
      (microsoft.public.security)
    • RE: Concepts: Security and Obscurity
      ... First I have to state an assumption of a single firewall in the cases mentioned as I fail to see why adding SPA to a dual layered authenticated system would be adding anything at all other than trouble with users. ... Subject: Concepts: Security and Obscurity ... You send me a SYN to a given port ... "If I take a letter, lock it in a safe, hide the safe somewhere in New ...
      (Security-Basics)
    • Re: How to Maintain an IIS Server?
      ... > server running on a Windows 2000 server. ... before a firewall and antivirus have been installed]. ... open ports; however, this will not identify which program is using the port. ...
      (microsoft.public.inetserver.iis.security)
    • Re: CEICW fails at firewall config
      ... ISA Server prevents connection to a remote desktop when you connect through ... Remote Web Workplace on a Windows Small Business Server 2003-based computer ... Acceleration Server as a firewall. ... connection uses TCP port 4125. ...
      (microsoft.public.windows.server.sbs)
    • Re: How to Maintain an IIS Server?
      ... >> server running on a Windows 2000 server. ... > before a firewall and antivirus have been installed]. ... > program or executable using that port. ...
      (microsoft.public.inetserver.iis.security)