NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Do you allow http to ports other than 80?




I don't really think that a request for some non-standard http ports that
unusual, depending on the situation. For example: Some developers use port
81, 82, or whatever as their dev/test site.

So, this situation would be perfectly understandable if parts of your
business had their website hosted outside your network and they did their
UAT or whatever on the production machine on a different port.

Would I set up my dev site that way? Not likely. 

Would I let them access their dev site on port 81 through my proxy server?
In all likelihood yes.

Find out if these people have legitimate reasons for accessing these sites.
Are they warez sites? Are they sites at all or are they ftp servers etc? Are
you using a proxy server? If not that would be a handy addition to your
network. That way at least you would be a little more comfortable opening an
outgoing port for your proxy since the traffic will have to be http.

Regards
JP

-----Original Message-----
From: McCammon, Keith [mailto:[email protected]]
Sent: Wednesday, July 18, 2001 8:35 AM
To: 'Greg Winkler'; [email protected]
Subject: RE: [FW1] Do you allow http to ports other than 80?



That's a pretty strange situation you've got on your hands.  At some point I
think that you need to draw the line or perhaps look into getting some type
of justification for this.  I've run networks with upwards of 3000 users and
*never once* have a had a request to access a website (through a firewall)
on any port other than 80 or 8080.  My opinion: sneaky users or suspect web
sites.

Keith

-----Original Message-----
From: Greg Winkler [mailto:[email protected]]
Subject: [FW1] Do you allow http to ports other than 80?

Recently I've been bombarded by requests from my users to gain access to
websites outside the company that run on ports other than 80.




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.