Re: [fw-wiz] Why are developers choosing to...
- From: Darren Reed <darrenr@xxxxxxxxxxxxxxxxx>
- Date: Sat, 21 Jan 2006 08:04:07 +1100 (EST)
>
> Why are developers choosing to write "web-based" code that runs some
> sort of encryption, typically SSL, across a non-standard port (say
> 10443) and then having those URLs blow up when they try to traverse the
> prudent company's perimeter security...You know..."deny all that is not
> explicitly allowed."
>
> I am seeing more and more "websites" that use a URL such as
> http://register.at.my.site:10443. Why not just use the standard secure
> port 443 from the get go? Is there something that makes SSL across
> 10443 innately more secure, or is this just the "security by obscurity"
> smoke-and-mirrors trick?
Well, you don't have to run the web server software as root, if it is
running on Unix system, to use port 10443.
Darren
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- [fw-wiz] Why are developers choosing to...
- From: Behm, Jeffrey L.
- [fw-wiz] Why are developers choosing to...
- Prev by Date: RE: [fw-wiz] Why are developers choosing to...
- Next by Date: RE: [fw-wiz] Why are developers choosing to...
- Previous by thread: Re: [fw-wiz] Why are developers choosing to...
- Next by thread: Re: [fw-wiz] Why are developers choosing to...
- Index(es):
Relevant Pages
|
|
