Re: [fw-wiz] RE: In defense of non standard ports



Bill Royds wrote the following on 24.01.2006 01:32:
> As a postscript, when I managed a corporate firewall, I found that a number of
> sites and applications were trying to pass arbitrary traffic through HTTPS by
> just believing that it would not be examined by an application proxy more than
> checking the headers. Our particular firewall (Symantec SEF) actually had an
> HTTPS proxy and complained that the handshake was not correct and refused it.

Perhaps the confusion arose because HTTPS uses the HTTP CONNECT method,
which requests a simple TCP transport. AFAIK, there is nothing
HTTPS-specific to this method, though it is probably most often used for
HTTPS -- one other application that uses it is rsync. Of course, if your
policy allows only HTTP and HTTPS via the firewall, it is behaving
correctly in refusing the other traffic.

Cheers,
Tobias
--
Tobias Reckhard
secunet Tel : +49(6196)95888-42
Mergenthalerallee 77 Fax : +49(6196)95888-88
D-65760 Eschborn E-Mail: tobias.reckhard@xxxxxxxxxxx
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxx
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
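
An added illustration, not part of the original message and not the Symantec SEF implementation: a sketch of the kind of check an HTTPS-aware proxy can make on the first client bytes after a CONNECT tunnel opens, accepting only something that parses as an SSL/TLS ClientHello. The function name, return labels and sample byte strings are constructed for this example.

```python
import struct

TLS_HANDSHAKE = 0x16      # TLS record content type: handshake
CLIENT_HELLO = 0x01       # handshake message type: ClientHello
MAX_RECORD_LEN = 2 ** 14  # upper bound on a TLS plaintext record


def classify_tunnel_start(data: bytes) -> str:
    """Classify the first client bytes sent through a CONNECT tunnel.

    Returns 'tls-client-hello', 'sslv2-client-hello', 'incomplete'
    or 'not-tls'. Only the last one is grounds to refuse the tunnel.
    """
    if len(data) < 6:
        return "incomplete"  # wait for more bytes before deciding
    # SSLv2-compatible hello: 2-byte header with the high bit set,
    # then message type 1 and an offered version of 3.x.
    if data[0] & 0x80 and data[2] == CLIENT_HELLO and data[3] == 0x03:
        return "sslv2-client-hello"
    ctype, major, minor, rec_len = struct.unpack("!BBBH", data[:5])
    if ctype != TLS_HANDSHAKE or major != 0x03 or minor > 0x04:
        return "not-tls"
    if rec_len < 4 or rec_len > MAX_RECORD_LEN:
        return "not-tls"     # too short for a handshake header, or oversized
    if data[5] != CLIENT_HELLO:
        return "not-tls"     # a client must open with ClientHello
    return "tls-client-hello"


# Constructed sample inputs (first bytes only, not real captures).
SAMPLES = {
    "tls": b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x03" + b"\x00" * 8,
    "sslv2": b"\x80\x2e\x01\x03\x01\x00\x15\x00\x00\x00\x10",
    "ssh": b"SSH-2.0-OpenSSH_4.2\r\n",
    "rsync": b"@RSYNCD: 29\n",
    "http": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "short": b"\x16\x03",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:6s} -> {classify_tunnel_start(blob)}")
```

A check like this only confirms that the tunnel starts with a well-formed handshake; it says nothing about what is carried inside a genuine TLS session afterwards.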